CVE-2025-8534 | libtiff 4.6.0 tiff2ps tools/tiff2ps.c PS_Lvl2page null pointer dereference (Issue 718)

A vulnerability classified as problematic was found in libtiff 4.6.0. This vulnerability affects the function PS_Lvl2page of the file tools/tiff2ps.c of the component tiff2ps. The manipulation leads to null pointer dereference.

This vulnerability was named CVE-2025-8534. It is possible to launch the attack on the local host. Furthermore, there is an exploit available.

It is recommended to apply a patch to fix this issue.

One of the maintainers explains, that “[t]his error only occurs if DEFER_STRILE_LOAD (defer-strile-load:BOOL=ON) or TIFFOpen( .. “rD”) option is used.”VulDB Recent EntriesRead More