CVE-2025-8534— libtiff tiff2ps tiff2ps.c PS_Lvl2page null pointer dereference
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-8534
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
libtiff tiff2ps tiff2ps.c PS_Lvl2page null pointer dereference
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability classified as problematic was found in libtiff 4.6.0. This vulnerability affects the function PS_Lvl2page of the file tools/tiff2ps.c of the component tiff2ps. The manipulation leads to null pointer dereference. It is possible to launch the attack on the local host. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The name of the patch is 6ba36f159fd396ad11bf6b7874554197736ecc8b. It is recommended to apply a patch to fix this issue. One of the maintainers explains, that "[t]his error only occurs if DEFER_STRILE_LOAD (defer-strile-load:BOOL=ON) or TIFFOpen( .. "rD") option is used."
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
Source: NVD (National Vulnerability Database)
Vulnerability Type
空指针解引用
Source: NVD (National Vulnerability Database)
Vulnerability Title
LibTIFF 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
LibTIFF是LibTIFF开源的一个读写TIFF(标签图像文件格式)文件的库。该库包含一些处理TIFF文件的命令行工具。 LibTIFF 4.6.0版本存在安全漏洞,该漏洞源于文件tools/tiff2ps.c中函数PS_Lvl2page存在空指针取消引用。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | libtiff | 4.6.0 | - |
II. Public POCs for CVE-2025-8534
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-8534
请登录查看更多情报信息。
Same Patch Batch · n/a · 2025-08-04 · 18 CVEs total
| CVE-2025-53394 | 7.7 HIGH | Paramount Macrium Reflect 安全漏洞 |
| CVE-2025-53395 | 7.7 HIGH | Paramount Macrium Reflect 安全漏洞 |
| CVE-2025-51534 | Austrian Archaeological Institute OpenAtlas 安全漏洞 | |
| CVE-2024-45183 | SAMSUNG Exynos 安全漏洞 | |
| CVE-2025-52239 | ZKEACMS 安全漏洞 | |
| CVE-2025-46206 | artifex mupdf 安全漏洞 | |
| CVE-2025-51726 | CyberGhostVPN 安全漏洞 | |
| CVE-2025-51535 | Austrian Archaeological Institute OpenAtlas 安全漏洞 | |
| CVE-2025-51536 | Austrian Archaeological Institute OpenAtlas 安全漏洞 | |
| CVE-2025-26065 | Intelbras RX1500 安全漏洞 | |
| CVE-2025-51390 | TOTOLINK N600R 安全漏洞 | |
| CVE-2025-51387 | GitKraken Desktop 安全漏洞 | |
| CVE-2025-50754 | Unisite CMS 安全漏洞 | |
| CVE-2025-50341 | Axelor 安全漏洞 | |
| CVE-2025-50340 | SOGo Webmail 安全漏洞 | |
| CVE-2025-50420 | Freedesktop Poppler 安全漏洞 | |
| CVE-2025-44643 | Draytek多款产品 安全漏洞 |
IV. Related Vulnerabilities
Same product: libtiff
- CVE-2025-9165
LibTIFF tiffcmp tiffcmp.c InitCCITTFax3 memory leak - CVE-2025-8961
LibTIFF tiffcrop tiffcrop.c main memory corruption - CVE-2025-8851
LibTIFF tiffcrop tiffcrop.c readSeparateStripsetoBuffer stac - CVE-2024-13978
LibTIFF fax2ps tiff2pdf.c t2p_read_tiff_init null pointer de - CVE-2025-8177
LibTIFF thumbnail.c setrow buffer overflow
Same vendor: n/a
- CVE-2026-8276
bettercap MySQL Server mysql_server.go integer coercion - CVE-2026-8275
bettercap zerogod IPP Service zerogod_ipp_primitives.go ippR - CVE-2026-8270
Open5GS SMF ogs_nas_parse_qos_rules denial of service - CVE-2026-8269
Open5GS SMF smf_nsmf_handle_create_sm_context denial of serv - CVE-2026-8268
Open5GS SMF OpenAPI_list_create denial of service
Same weakness: CWE-476
- CVE-2026-8252
Open5GS SMF smf_nsmf_handle_create_data_in_hsmf null pointer - CVE-2026-7259
Null pointer dereference in php_mb_check_encoding() via mb_e - CVE-2026-7262
NULL pointer dereference in SOAP apache:Map decoder with mis - CVE-2026-42183
Argo Workflows: SSO RBAC Delegation Nil Pointer Dereference - CVE-2026-6666
PgBouncer crash in kill_pool_logins_server_error
V. Comments for CVE-2025-8534
No comments yet