A signed integer overflow vulnerability (CVE-2026-4775, CVSS 7.8 HIGH) in libtiff can lead to arbitrary code execution or denial of service when processing a malicious TIFF file. The vulnerability affects libtiff versions up to, but not including, the patched release for Red Hat Enterprise Linux 6.0, 7.0, and 10, as well as Debian Linux 11.0. The Red Hat advisory provides updated packages, such as libtiff-4.6.0-6.el10_1.3 for RHEL 10, to remediate the issue.
Red Hat Product Errata RHSA-2026:12265 - Security Advisory Issued: 2026-04-30 Updated: 2026-04-30 RHSA-2026:12265 - Security Advisory Overview Updated Packages Synopsis Important: libtiff security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for libtiff is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. Security Fix(es): libtiff: libtiff: Arbitrary code execution or denial of service via signed integer overflow in TIFF file processing (CVE-2026-4775) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 10 x86_64 Red Hat Enterprise Linux for IBM z Systems 10 s390x Red Hat Enterprise Linux for Power, little endian 10 ppc64le Red Hat Enterprise Linux for ARM 64 10 aarch64 Red Hat CodeReady Linux Builder for x86_64 10 x86_64 Red Hat CodeReady Linux Builder for Power, little endian 10 ppc64le Red Hat CodeReady Linux Builder for ARM 64 10 aarch64 Red Hat CodeReady Linux Builder for IBM z Systems 10 s390x Fixes BZ - 2450768 - CVE-2026-4775 libtiff: libtiff: Arbitrary code execution or denial of service via signed integer overflow in TIFF file processing CVEs CVE-2026-4775 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 10 SRPM libtiff-4.6.0-6.el10_1.3.src.rpm SHA-256: 70c5f69e9591c0aed3ab0687a7113ff0b9e5445da5548ea9738d09ec8d19b53f x86_64 libtiff-4.6.0-6.el10_1.3.x86_64.rpm SHA-256: 9536e33dede02f863b1af29ddd8a8d8b22ae465e485d9e5b3d67280adc3cd063 libtiff-debuginfo-4.6.0-6.el10_1.3.x86_64.rpm SHA-256: 7dc7981ae066149828000867d6bb9d7db26f91b3cd2ac9b74410d21cfcaaa194 libtiff-debugsource-4.6.0-6.el10_1.3.x86_64.rpm SHA-256: c840cf5bea0c5728fea24b9f26775f4489dcdf853e5f80c5cd67858f7139fd1e libtiff-devel-4.6.0-6.el10_1.3.x86_64.rpm SHA-256: 32041d76209135419e8833aa9add35ad1119eb0a20407dfc4be9503be5b9c872 libtiff-tools-debuginfo-4.6.0-6.el10_1.3.x86_64.rpm SHA-256: 22ccd587cd7aefcc4072a55dfd84551d669f95aee837fe16a3e16e7b09628772 Red Hat Enterprise Linux for IBM z Systems 10 SRPM libtiff-4.6.0-6.el10_1.3.src.rpm SHA-256: 70c5f69e9591c0aed3ab0687a7113ff0b9e5445da5548ea9738d09ec8d19b53f s390x libtiff-4.6.0-6.el10_1.3.s390x.rpm SHA-256: 871f4d04d9f55ca40dcf1b757eb30b7437417995a6411e86b9cce6cc447dac63 libtiff-debuginfo-4.6.0-6.el10_1.3.s390x.rpm SHA-256: cfa4ac2c16f54843371ef7650496f20ad5076ef8e2824c1da9bb47c48beab9de libtiff-debugsource-4.6.0-6.el10_1.3.s390x.rpm SHA-256: ab705fd147583840c7016abf3e079bbc1e5894d7eb58b0941ef83803b3d7c3fd libtiff-devel-4.6.0-6.el10_1.3.s390x.rpm SHA-256: 134536998594baa0f6b3cd41965b2f084a019cfe4a0d8f69dffa6811a972f2a2 libtiff-tools-debuginfo-4.6.0-6.el10_1.3.s390x.rpm SHA-256: 3474930328973b406b934226744c57bd3697ca6cd55e9551d244242496e0394d Red Hat Enterprise Linux for Power, little endian 10 SRPM libtiff-4.6.0-6.el10_1.3.src.rpm SHA-256: 70c5f69e9591c0aed3ab0687a7113ff0b9e5445da5548ea9738d09ec8d19b53f ppc64le libtiff-4.6.0-6.el10_1.3.ppc64le.rpm SHA-256: 1d76572cae8421bb5a80413a728d94b2afbb3c42ad047c64a4d5630ec0a3f8bd libtiff-debuginfo-4.6.0-6.el10_1.3.ppc64le.rpm SHA-256: 26c339b98f373293334cd68c47447f4eeb3e9970f0ddfa3f2394a4060b71f91f libtiff-debugsource-4.6.0-6.el10_1.3.ppc64le.rpm SHA-256: 15ac23c8e88f55e73e33fbd9832328c5c086ec24a637d376d7f26ff179385fd0 libtiff-devel-4.6.0-6.el10_1.3.ppc64le.rpm SHA-256: 58a02a3e1bc4bd6fcf55d8689da81849477249821060753b6bd6e89f48a6e3dc libtiff-tools-debuginfo-4.6.0-6.el10_1.3.ppc64le.rpm SHA-256: ce9511cf08c63804758d819cbb876ce27a9e5c9334a3b6639cf41464a4616015 Red Hat Enterprise Linux for ARM 64 10 SRPM libtiff-4.6.0-6.el10_1.3.src.rpm SHA-256: 70c5f69e9591c0aed3ab0687a7113ff0b9e5445da5548ea9738d09ec8d19b53f aarch64 libtiff-4.6.0-6.el10_1.3.aarch64.rpm SHA-256: 97a52fc1c11684b9292296b9120d74bda95c6e71266ae55fa782bbeb0b9fc041 libtiff-debuginfo-4.6.0-6.el10_1.3.aarch64.rpm SHA-256: 04aefa1491590cbb51b88abcd724b8a98c77dcbf0fdffd504ffd909c6e04a5fd libtiff-debugsource-4.6.0-6.el10_1.3.aarch64.rpm SHA-256: 468c7e87cb2fe210fc61dd4fd7761ad06a09e2b471d50966392976af6c70f744 libtiff-devel-4.6.0-6.el10_1.3.aarch64.rpm SHA-256: a9b58fabb9cd5b8f914188b6476a0b6eda44dc8bb907477c260a297d56a9577f libtiff-tools-debuginfo-4.6.0-6.el10_1.3.aarch64.rpm SHA-256: 441b181954637832efba26a5d2b27457628200b1f73e2d883c448e6e732353a4 Red Hat CodeReady Linux Builder for x86_64 10 SRPM x86_64 libtiff-debuginfo-4.6.0-6.el10_1.3.x86_64.rpm SHA-256: 7dc7981ae066149828000867d6bb9d7db26f91b3cd2ac9b74410d21cfcaaa194 libtiff-debugsource-4.6.0-6.el10_1.3.x86_64.rpm SHA-256: c840cf5bea0c5728fea24b9f26775f4489dcdf853e5f80c5cd67858f7139fd1e libtiff-tools-4.6.0-6.el10_1.3.x86_64.rpm SHA-256: eac405c7da5519cc88624cecc33fff80ed9fd32b02b0fb234a23b1c23976c4ea libtiff-tools-debuginfo-4.6.0-6.el10_1.3.x86_64.rpm SHA-256: 22ccd587cd7aefcc4072a55dfd84551d669f95aee837fe16a3e16e7b09628772 Red Hat CodeReady Linux Builder for Power, little endian 10 SRPM ppc64le libtiff-debuginfo-4.6.0-6.el10_1.3.ppc64le.rpm SHA-256: 26c339b98f373293334cd68c47447f4eeb3e9970f0ddfa3f2394a4060b71f91f libtiff-debugsource-4.6.0-6.el10_1.3.ppc64le.rpm SHA-256: 15ac23c8e88f55e73e33fbd9832328c5c086ec24a637d376d7f26ff179385fd0 libtiff-tools-4.6.0-6.el10_1.3.ppc64le.rpm SHA-256: 4d3e9705d7fa2ea288261e5a66f625aaff018fd4c3111f1b7b7b1922ed5adba7 libtiff-tools-debuginfo-4.6.0-6.el10_1.3.ppc64le.rpm SHA-256: ce9511cf08c63804758d819cbb876ce27a9e5c9334a3b6639cf41464a4616015 Red Hat CodeReady Linux Builder for ARM 64 10 SRPM aarch64 libtiff-debuginfo-4.6.0-6.el10_1.3.aarch64.rpm SHA-256: 04aefa1491590cbb51b88abcd724b8a98c77dcbf0fdffd504ffd909c6e04a5fd libtiff-debugsource-4.6.0-6.el10_1.3.aarch64.rpm SHA-256: 468c7e87cb2fe210fc61dd4fd7761ad06a09e2b471d50966392976af6c70f744 libtiff-tools-4.6.0-6.el10_1.3.aarch64.rpm SHA-256: 8868bf849ac6ba92fe12cb340856d355efee7acf2814f056792306a71eff3ee8 libtiff-tools-debuginfo-4.6.0-6.el10_1.3.aarch64.rpm SHA-256: 441b181954637832efba26a5d2b27457628200b1f73e2d883c448e6e732353a4 Red Hat CodeReady Linux Builder for IBM z Systems 10 SRPM s390x libtiff-debuginfo-4.6.0-6.el10_1.3.s390x.rpm SHA-256: cfa4ac2c16f54843371ef7650496f20ad5076ef8e2824c1da9bb47c48beab9de libtiff-debugsource-4.6.0-6.el10_1.3.s390x.rpm SHA-256: ab705fd147583840c7016abf3e079bbc1e5894d7eb58b0941ef83803b3d7c3fd libtiff-tools-4.6.0-6.el10_1.3.s390x.rpm SHA-256: 88b9f3ff2f93b5eb4721c22b937a41973a1868ff1d0da42f31371913be1303a6 libtiff-tools-debuginfo-4.6.0-6.el10_1.3.s390x.rpm SHA-256: 3474930328973b406b934226744c57bd3697ca6cd55e9551d244242496e0394d The Red Hat security contact is secalert@redhat.com . More contact details at https://access.redhat.com/security/team/contact/ .