RHSA-2025:21508 - Security Advisory Synopsis: Important: libtiff security update Type/Severity: Security Advisory: Important Vulnerabilities: CVE-2025-8176: LibTIFF Use-After-Free Vulnerability CVE-2025-9900: LibTIFF Write-What-Where Vulnerability Affected Products: Red Hat Enterprise Linux Server - AUS 9.2 x86_64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2 s390x Fixes: BZ-2383598 - CVE-2025-8176 libtiff: LibTIFF Use-After-Free Vulnerability BZ-2392784 - CVE-2025-9900 libtiff: Libtiff Write-What-Where Vulnerability References: https://access.redhat.com/security/updates/classification/#important Issued: 2025-11-17 Updated: 2025-11-17 Solution: Refer to: https://access.redhat.com/articles/11258 for details on how to apply this update.