Skip to main content
Services
How We Work
Technology
Results
Resources
Company
Log in
Get Assessment
Vulnerability Intelligence
SUSE-SU-2026:1407-1
SUSE-SU-2026:1407-1
UNKNOWN
Security update for tiff
Published Apr 16, 2026
Modified 6 days ago
Fix available
Details
This update for tiff fixes the following issues:
CVE-2025-61143: Fixed NULL pointer dereference (bsc#1258798).
CVE-2025-61144: Fixed stack overflow in readSeparateStripsIntoBuffer() (bsc#1258801).
Affected Packages
libtiff-devel
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5
Fixed in:
4.0.9-44.109.1
libtiff5
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5
Fixed in:
4.0.9-44.109.1
libtiff5-32bit
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5
Fixed in:
4.0.9-44.109.1
tiff
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5
Fixed in:
4.0.9-44.109.1
References
REPORT
https://bugzilla.suse.com/1258798
REPORT
https://bugzilla.suse.com/1258801
WEB
https://www.suse.com/security/cve/CVE-2025-61143
WEB
https://www.suse.com/security/cve/CVE-2025-61144
ADVISORY
https://www.suse.com/support/update/announcement/2026/suse-su-20261407-1/
Upstream
CVE-2025-61143
CVE-2025-61144
Related
CVE-2025-61143
CVE-2025-61144
Ecosystems
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5
Timeline
Published
Apr 16, 2026
Modified
Apr 16, 2026
SUSE-SU-2026:1407-1 | Mondoo Vulnerability Intelligence