CVE-2026-4775

{"id": "CVE-2026-4775", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "secalert@redhat.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2026-03-24T15:16:39.693", "references": [{"url": "https://access.redhat.com/security/cve/CVE-2026-4775", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450768", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://lists.debian.org/debian-lts-announce/2026/04/msg00016.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "secalert@redhat.com", "description": [{"lang": "en", "value": "CWE-190"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrect memory pointer calculations, potentially causing a denial of service (application crash) or arbitrary code execution."}, {"lang": "es", "value": "Se encontr\u00f3 un fallo en la biblioteca libtiff. Un atacante remoto podr\u00eda explotar una vulnerabilidad de desbordamiento de entero con signo en la funci\u00f3n putcontig8bitYCbCr44tile al proporcionar un archivo TIFF especialmente dise\u00f1ado. Este fallo puede llevar a una escritura fuera de l\u00edmites en el heap debido a c\u00e1lculos incorrectos del puntero de memoria, potencialmente causando una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) o ejecuci\u00f3n de c\u00f3digo arbitrario."}], "lastModified": "2026-04-21T16:34:57.280", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:libtiff:libtiff:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2FFD25C1-A304-486F-A36B-7167EEF33388"}, {"criteria": "cpe:2.3:a:redhat:hardened_images:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "87DEB507-5B64-47D7-9A50-3B87FD1E571F"}, {"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D65C2163-CFC2-4ABB-8F4E-CB09CEBD006C"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}