VDB
RHSA-2026%3A30088
RHSA-2026%3A30088
PUBLISHED
CVSS 7.800000190734863 HIGH
A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrect memory pointer calculations, potentially causing a denial of service (application crash) or arbitrary code execution.
Risk Scores
CVSS 3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:993e84c73225a7c5e2df63756643a26b054b665eb6c15599d9decbbce91b6863_amd64 as a component of Red Hat AI Inference Server 3.3 | * |
Timeline
- Jun 25, 2026 CVE Published
- Jul 4, 2026 CVE Updated
- Jul 4, 2026 Distribution Patch
- Jul 4, 2026 Distribution Patch
- Jul 4, 2026 Security Advisory
- Jul 4, 2026 Security Advisory
- Jul 4, 2026 Security Advisory
- Jul 4, 2026 Security Advisory
- Jul 4, 2026 Security Advisory
- Jul 4, 2026 Security Advisory
- Jul 4, 2026 Security Advisory
- Jul 4, 2026 Security Advisory
References
- https://access.redhat.com/errata/RHSA-2026:30088 advisory
- https://access.redhat.com/security/cve/CVE-2026-10118 advisory
- https://access.redhat.com/security/cve/CVE-2026-22778 advisory
- https://access.redhat.com/security/cve/CVE-2026-22807 advisory
- https://access.redhat.com/security/cve/CVE-2026-23490 advisory
- https://access.redhat.com/security/cve/CVE-2026-24779 advisory
- https://access.redhat.com/security/cve/CVE-2026-34588 advisory
- https://access.redhat.com/security/cve/CVE-2026-34982 advisory
- https://access.redhat.com/security/cve/CVE-2026-35385 advisory
- https://access.redhat.com/security/cve/CVE-2026-35535 advisory
- https://access.redhat.com/security/cve/CVE-2026-37555 advisory
- https://access.redhat.com/security/cve/CVE-2026-39892 advisory
- https://access.redhat.com/security/cve/CVE-2026-39979 advisory
- https://access.redhat.com/security/cve/CVE-2026-40164 advisory
- https://access.redhat.com/security/cve/CVE-2026-44431 advisory
- https://access.redhat.com/security/cve/CVE-2026-44432 advisory
- https://access.redhat.com/security/cve/CVE-2026-4775 advisory
- https://access.redhat.com/security/cve/CVE-2026-4786 advisory
- https://access.redhat.com/security/cve/CVE-2026-48526 advisory
- https://access.redhat.com/security/cve/CVE-2026-48710 advisory
…and 139 more