CVE-2026-4775
Published: March 24th, 2026
A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrect memory pointer calculations, potentially causing a denial of service (application crash) or arbitrary code execution.
HIGH
CVSS v3: 7.8
CVSS v3: 7.8
Status
| DocFilters Release | Package | State | Justification | Comment |
|---|---|---|---|---|
| 0.0.0.1 | libtiff (4.6.0) | Needs Triage | ||
| 26.1.1 | libtiff (4.6.0) | Needs Triage | ||
| 26.1 | libtiff (4.6.0) | Needs Triage | ||
| 25.4 | libtiff (4.6.0) | Needs Triage | ||
| 25.3 | libtiff (4.6.0) | Needs Triage | ||
| 25.2 | libtiff (4.6.0) | Needs Triage | ||
| 25.1.2 | libtiff (4.6.0) | Needs Triage | ||
| 25.1.1 | libtiff (4.6.0) | Needs Triage | ||
| 25.1 | libtiff (4.6.0) | Needs Triage | ||
| 24.4 | libtiff (4.6.0) | Needs Triage | ||
| 24.4.0 | libtiff (4.6.0) | Needs Triage | ||
| 24.3 | libtiff (4.6.0) | Needs Triage | ||
| 24.2.1 | libtiff (4.6.0) | Needs Triage | ||
| 24.2 | libtiff (4.6.0) | Needs Triage | ||
| 24.1 | libtiff (4.6.0) | Needs Triage | ||
| 23.3 | libtiff (4.5.1) | Needs Triage | ||
| 23.2.1 | libtiff (4.3.0) | Needs Triage | ||
| 23.2 | libtiff (4.3.0) | Needs Triage | ||
| 23.1 | libtiff (4.3.0) | Needs Triage | ||
| 22.4 | libtiff (4.3.0) | Needs Triage | ||
| 22.3 | libtiff (4.3.0) | Needs Triage | ||
| 22.2 | libtiff (4.3.0) | Needs Triage | ||
| 22.1 | libtiff (4.0.8) | Needs Triage | ||
| 21.11.1 | libtiff (4.0.8) | Needs Triage | ||
| 21.11 | libtiff (4.0.8) | Needs Triage | ||
| 21.8.1 | libtiff (4.0.8) | Needs Triage | ||
| 21.8 | libtiff (4.0.8) | Needs Triage | ||
| 21.5.1 | libtiff (4.0.8) | Needs Triage | ||
| 21.5.0 | libtiff (4.0.8) | Needs Triage | ||
| 21.2.0 | libtiff (4.0.8) | Needs Triage | ||
| 11.4.20 | libtiff (4.0.8) | Needs Triage | ||
| 11.4.19.3667 | libtiff (4.0.8) | Needs Triage | ||
| 11.4.18.3599 | libtiff (4.0.8) | Needs Triage | ||
| 11.4.17 | libtiff (4.0.8) | Needs Triage | ||
| 11.4.16.3445 | libtiff (4.0.8) | Needs Triage | ||
| 11.4.15.3368 | libtiff (4.0.8) | Needs Triage | ||
| 11.4.14.3263 | libtiff (4.0.8) | Needs Triage | ||
| 11.4.13.3179 | libtiff (4.0.8) | Needs Triage | ||
| 11.4.12.3054 | libtiff (4.0.8) | Needs Triage | ||
| 11.4.11.3040 | libtiff (4.0.8) | Needs Triage | ||
| 11.4.11.2990 | libtiff (4.0.8) | Needs Triage | ||
| 11.4.10.2934 | libtiff (4.0.8) | Needs Triage | ||
| 11.4.9.2878 | libtiff (4.0.8) | Needs Triage | ||
| 11.4.8.2822 | libtiff (4.0.8) | Needs Triage |
Severity score breakdown
Attack Complexity
LOW
Attack Vector
LOCAL
Availability Impact
HIGH
Base Score
7.8
Base Severity
HIGH
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Privileges Required
NONE
Scope
UNCHANGED
User Interaction
REQUIRED
Vector String
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Version
3.1