VDB

RHSA-2026%3A30088

RHSA-2026%3A30088 PUBLISHED CVSS 7.800000190734863 HIGH

A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrect memory pointer calculations, potentially causing a denial of service (application crash) or arbitrary code execution.

Risk Scores

CVSS 3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersions
Red Hatregistry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:993e84c73225a7c5e2df63756643a26b054b665eb6c15599d9decbbce91b6863_amd64 as a component of Red Hat AI Inference Server 3.3*

Timeline

  • Jun 25, 2026 CVE Published
  • Jul 4, 2026 CVE Updated
  • Jul 4, 2026 Distribution Patch
  • Jul 4, 2026 Distribution Patch
  • Jul 4, 2026 Security Advisory
  • Jul 4, 2026 Security Advisory
  • Jul 4, 2026 Security Advisory
  • Jul 4, 2026 Security Advisory
  • Jul 4, 2026 Security Advisory
  • Jul 4, 2026 Security Advisory
  • Jul 4, 2026 Security Advisory
  • Jul 4, 2026 Security Advisory
Open in Interactive Console →
$ Console Community · 100/wk Open console ›