CVE-2025-61144

7.3 HIGH

📋 TL;DR

A stack overflow vulnerability in libtiff's readSeparateStripsIntoBuffer function allows attackers to execute arbitrary code or cause denial of service by processing specially crafted TIFF images. This affects all applications using vulnerable libtiff versions to parse TIFF files.

💻 Affected Systems

Products:
  • libtiff
  • Any software using libtiff library (image viewers, document processors, web applications)
Versions: All versions up to and including 4.7.1
Operating Systems: Linux, Windows, macOS, BSD, All platforms with libtiff
Default Config Vulnerable: ⚠️ Yes
Notes: Only code paths that reach the vulnerable readSeparateStripsIntoBuffer function are affected, i.e. those that process TIFF images whose samples are stored in separate strips.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Remote code execution with the privileges of the application processing the TIFF file, potentially leading to full system compromise.

🟠 Likely Case

Application crash (denial of service) when processing malicious TIFF files, with potential for limited code execution depending on memory protections.

🟢 If Mitigated

Application crash with no code execution if ASLR, stack canaries, or other memory protections are effective.

🌐 Internet-Facing: MEDIUM - Exploitation requires processing attacker-controlled TIFF files, which could occur through file uploads, email attachments, or web content.
🏢 Internal Only: LOW - Requires user interaction to open malicious files or applications to process them automatically.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires crafting a malicious TIFF file that triggers the overflow. Public proof-of-concept exists in the references.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in libtiff 4.7.2 and later

Vendor Advisory: https://gitlab.com/libtiff/libtiff/-/issues/740

Restart Required: Yes

Instructions:

1. Update libtiff to version 4.7.2 or later.
2. Rebuild any statically linked applications.
3. Restart services using libtiff.

🔧 Temporary Workarounds

Disable TIFF processing (all platforms):

  Prevent applications from processing TIFF files where possible.

Use memory protection features (Linux):

  Enable ASLR, stack canaries, and other memory protection mechanisms:

  echo 2 > /proc/sys/kernel/randomize_va_space
  Recompile with -fstack-protector-all

🧯 If You Can't Patch

  • Implement strict file upload validation to reject suspicious TIFF files
  • Run vulnerable applications with reduced privileges and in sandboxed environments

🔍 How to Verify

Check if Vulnerable:

Check libtiff version: run tiffinfo --version, or run ldd on the application binary to see which libtiff shared object it links and then read that library's version.

Check Version:

tiffinfo --version 2>/dev/null || strings /usr/lib*/libtiff*.so* | grep 'LIBTIFF, Version'

Verify Fix Applied:

Verify libtiff version is 4.7.2 or later. Compare the version numerically rather than with a digit-range regex, so that 4.7.10, 4.10.x and 5.x are also accepted: v=$(tiffinfo --version | sed -n 's/.*Version \([0-9][0-9.]*\).*/\1/p' | head -n1); [ -n "$v" ] && [ "$(printf '%s\n' 4.7.2 "$v" | sort -V | head -n1)" = 4.7.2 ] && echo 'fix applied'
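A more thorough form of the check above, added here as an example and not part of this advisory: it parses the same "LIBTIFF, Version X.Y.Z" banner (assumed to be what tiffinfo and the shared object expose), compares the version fields numerically in plain POSIX sh without relying on sort -V, and falls back to the shared-object banner when tiffinfo is not installed.

```shell
#!/bin/sh
# Added example, not part of the advisory: libtiff version check for
# CVE-2025-61144 that compares version fields numerically, so releases such as
# 4.10.0 or 4.7.10 are not misjudged the way a "4\.[8-9]" regex misjudges them.
# Assumes the banner format "LIBTIFF, Version X.Y.Z" printed by the libtiff tools.

FIXED_VERSION="4.7.2"   # first release the advisory lists as fixed

# vercmp A B: print -1, 0 or 1 as A is lower than, equal to or higher than B.
# Dotted fields are compared as integers; a missing field counts as 0.
vercmp() {
    a="$1" b="$2"
    while [ -n "$a" ] || [ -n "$b" ]; do
        ah=${a%%.*}; if [ "$ah" = "$a" ]; then a=""; else a=${a#*.}; fi
        bh=${b%%.*}; if [ "$bh" = "$b" ]; then b=""; else b=${b#*.}; fi
        ah=${ah:-0}; bh=${bh:-0}
        if [ "$ah" -lt "$bh" ]; then printf '%s\n' -1; return; fi
        if [ "$ah" -gt "$bh" ]; then printf '%s\n' 1; return; fi
    done
    printf '%s\n' 0
}

# extract_version TEXT: pull "4.7.1" out of "LIBTIFF, Version 4.7.1 ...";
# prints nothing when no version banner is present.
extract_version() {
    printf '%s\n' "$1" | sed -n 's/.*LIBTIFF, Version \([0-9][0-9.]*\).*/\1/p' | head -n1
}

# libtiff_vulnerable VERSION: succeed (exit 0) when VERSION is below 4.7.2.
libtiff_vulnerable() {
    [ "$(vercmp "$1" "$FIXED_VERSION")" = -1 ]
}

# check_host: query the installed libtiff the way the advisory suggests
# (tiffinfo first, then the banner inside the shared object) and print a verdict.
# Exit status: 0 affected, 1 not affected, 2 libtiff not found.
check_host() {
    banner=$(tiffinfo --version 2>/dev/null | head -n1)
    [ -z "$banner" ] && banner=$(strings /usr/lib*/libtiff*.so* 2>/dev/null | grep -m1 'LIBTIFF, Version')
    v=$(extract_version "$banner")
    if [ -z "$v" ]; then echo "libtiff: not found"; return 2; fi
    if libtiff_vulnerable "$v"; then
        echo "libtiff $v: affected, update to $FIXED_VERSION or later"; return 0
    fi
    echo "libtiff $v: not affected"; return 1
}
```

Run check_host on each host, or feed an extracted version string to libtiff_vulnerable from a configuration-management check.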

📡 Detection & Monitoring

Log Indicators:

  • Application crashes with segmentation faults when processing TIFF files
  • Memory corruption errors in application logs

Network Indicators:

  • Unusual TIFF file uploads to web applications
  • TIFF files with abnormal structure or sizes

SIEM Query:

source="application.log" AND ("segmentation fault" OR "stack overflow" OR "SIGSEGV") AND "tiff"

🔗 References
