Red Hat Product Errata RHSA-2026:19608 - Security Advisory Issued: 2026-05-20 Updated: 2026-05-20 RHSA-2026:19608 - Security Advisory Overview Updated Packages Synopsis Important: libtiff security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for libtiff is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. Security Fix(es): libtiff: libtiff: Arbitrary code execution or denial of service via signed integer overflow in TIFF file processing (CVE-2026-4775) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.0 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.0 s390x Fixes BZ - 2450768 - CVE-2026-4775 libtiff: libtiff: Arbitrary code execution or denial of service via signed integer overflow in TIFF file processing CVEs CVE-2026-4775 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 SRPM libtiff-4.2.0-3.el9_0.3.src.rpm SHA-256: b68c8abab8b090b45fd4ca4e2dc4435ecf19f8ebbde1d944e141114fcf21180f ppc64le libtiff-4.2.0-3.el9_0.3.ppc64le.rpm SHA-256: fb0924700cf4cc3eb1061681686a45c3b19b17c174afbf87e3bd3ab1c8c9e1e6 libtiff-debuginfo-4.2.0-3.el9_0.3.ppc64le.rpm SHA-256: 8372620d6e3dba9b413899b9ec747036299c93734dcbb4ba0dc9a4fb7ddcc154 libtiff-debugsource-4.2.0-3.el9_0.3.ppc64le.rpm SHA-256: 386297dc1f973044b7afd6960f07035726f0c386ddb094d2eac257aa2b36c519 libtiff-devel-4.2.0-3.el9_0.3.ppc64le.rpm SHA-256: a3e7a3c3348f2e5d6fa95677fec5dd11142950fef7466072677fcb42da3275da libtiff-tools-debuginfo-4.2.0-3.el9_0.3.ppc64le.rpm SHA-256: 2283cc3bb75987e079c51e727c25ac34f1a6d219cb1fe30ad8b38e83764fb534 Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 SRPM libtiff-4.2.0-3.el9_0.3.src.rpm SHA-256: b68c8abab8b090b45fd4ca4e2dc4435ecf19f8ebbde1d944e141114fcf21180f x86_64 libtiff-4.2.0-3.el9_0.3.i686.rpm SHA-256: 2788b9f4c1d6f638a0a691bc27b6cc46f10ec863952f11e8167d24cd9eccb4a2 libtiff-4.2.0-3.el9_0.3.x86_64.rpm SHA-256: ae186e2630fcded477763fc9ee37b7172618d0c0709de2fcc1e190d386bdc8b6 libtiff-debuginfo-4.2.0-3.el9_0.3.i686.rpm SHA-256: b3932dabbd86a9f0bf6b359ae73797dffabb608b93ffa6733c4f40539c63adf1 libtiff-debuginfo-4.2.0-3.el9_0.3.x86_64.rpm SHA-256: 834d2760e57387ebf6bfa69f89bfd4972e643a2b76f0a4be0c726aca9f144345 libtiff-debugsource-4.2.0-3.el9_0.3.i686.rpm SHA-256: eb65d0855e3a10d1352e211fc7972b584e7c3726ed4de177a66d35522c0f8526 libtiff-debugsource-4.2.0-3.el9_0.3.x86_64.rpm SHA-256: d2423451049186608c57f5f68906e095da44448a859c4a23473bdd4eca0cc933 libtiff-devel-4.2.0-3.el9_0.3.i686.rpm SHA-256: 4c6c968ec2aefade61baa84180cfc143555dd62d5160dcdc644c6cd7f46601f9 libtiff-devel-4.2.0-3.el9_0.3.x86_64.rpm SHA-256: ca79c6d51bda480464895f1a4c7f1be87a32589e15388795ef9ef19ca3d53c8a libtiff-tools-debuginfo-4.2.0-3.el9_0.3.i686.rpm SHA-256: b98439da36c0a458c2d694ae1a225d436787a529cbbc9e627f8a17c3cc6c539a libtiff-tools-debuginfo-4.2.0-3.el9_0.3.x86_64.rpm SHA-256: 235eb919ac7a75fe4adaf20b1e26eab91a4e5a18f7a0263fa3049019ab3cf8d3 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.0 SRPM libtiff-4.2.0-3.el9_0.3.src.rpm SHA-256: b68c8abab8b090b45fd4ca4e2dc4435ecf19f8ebbde1d944e141114fcf21180f aarch64 libtiff-4.2.0-3.el9_0.3.aarch64.rpm SHA-256: 206a521c055280da8c1ada75b1272abd5303db4260447a574e99e35a06fcb594 libtiff-debuginfo-4.2.0-3.el9_0.3.aarch64.rpm SHA-256: 07cfb7586f308a521a580b18a5da55c003ad6bc8b0750413ccd76c628dbf1e20 libtiff-debugsource-4.2.0-3.el9_0.3.aarch64.rpm SHA-256: e961e4f43d11a0ba5c7b81637e523bab1d5fb9ac1fba0a2a4afbb09b246f6004 libtiff-devel-4.2.0-3.el9_0.3.aarch64.rpm SHA-256: d4ceab2b74e01982d0eb44960671bf14e971e981cd7055f1658bd54d4fff64de libtiff-tools-debuginfo-4.2.0-3.el9_0.3.aarch64.rpm SHA-256: a95739d01918bcc7f98018fac39896e389559966cf7b3e111cca71cc229c131d Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.0 SRPM libtiff-4.2.0-3.el9_0.3.src.rpm SHA-256: b68c8abab8b090b45fd4ca4e2dc4435ecf19f8ebbde1d944e141114fcf21180f s390x libtiff-4.2.0-3.el9_0.3.s390x.rpm SHA-256: 22c55422735f4bcfbde327faad2ad1bc6859c95d5a278e3cc6f7e12a9d98033b libtiff-debuginfo-4.2.0-3.el9_0.3.s390x.rpm SHA-256: eef0dde8d611bf28710d2adb47f57de3b151145e908b3b7432bf83e39a037afe libtiff-debugsource-4.2.0-3.el9_0.3.s390x.rpm SHA-256: d7fbbe4bbc3aece13e130629416ff7a63bcdef909c906b30f74cd059172983cd libtiff-devel-4.2.0-3.el9_0.3.s390x.rpm SHA-256: 0ca3d7497d91b14178ec3c3103661ca21c224e0a55e2480e9f5369d6f768acd9 libtiff-tools-debuginfo-4.2.0-3.el9_0.3.s390x.rpm SHA-256: a4953d571bc42be2e47bb4dbc8596fff01e7ad75050c5652e1720aa1ddffb185 The Red Hat security contact is secalert@redhat.com . More contact details at https://access.redhat.com/security/team/contact/ .