PatchSiren

PatchSiren cyber security CVE debrief

CVE-2016-9273 Libtiff CVE debrief

CVE-2016-9273 is a denial-of-service issue in libtiff’s tiffsplit utility. A crafted TIFF file can trigger an out-of-bounds read when TIFF_STRIPCHOP mode changes td_nstrips, potentially crashing the process or otherwise disrupting service. The CVE record was published on 2017-01-18 and the issue is rated CVSS 5.5 (Medium).

Vendor: Libtiff
Product: CVE-2016-9273
CVSS: MEDIUM 5.5
CISA KEV: Not listed in stored evidence
Original CVE published: 2017-01-18
Original CVE updated: 2026-05-13
Advisory published: 2017-01-18
Advisory updated: 2026-05-13

Who should care

Organizations that process untrusted TIFF files with libtiff, especially workflows that invoke tiffsplit or related image-processing utilities. This matters most for desktop users, file-conversion services, document pipelines, and any application that accepts attacker-controlled TIFF content.

Technical summary

The official record maps the issue to CWE-125 (out-of-bounds read) and identifies libtiff 4.0.6 as vulnerable. The CVSS vector (AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) indicates a user must interact with a crafted file and that the primary impact is availability. The reported condition involves td_nstrips being changed in TIFF_STRIPCHOP mode, which can cause tiffsplit to read beyond valid bounds.
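td_nstrips is libtiff's per-directory strip count, derived from the StripOffsets/StripByteCounts tables together with ImageLength and RowsPerStrip, and strip chopping deliberately changes it in memory. The consistency of those on-disk tables can be sanity-checked before a file ever reaches libtiff. The following is an added example, not part of this debrief or of libtiff itself: a small Python pre-flight parser that reads the TIFF header and first IFD and rejects files whose StripOffsets and StripByteCounts tables disagree, whose strip count contradicts ImageLength/RowsPerStrip, or whose strips point past the end of the file. Tag numbers and field types come from the TIFF 6.0 specification; build_tiff only produces constructed test files. The checker does not reproduce libtiff's strip-chopping logic and is a generic input filter, not a fix for this CVE.

```python
import struct

# Tags and field types used below, from the TIFF 6.0 specification.
TAG_IMAGE_LENGTH, TAG_STRIP_OFFSETS = 257, 273
TAG_ROWS_PER_STRIP, TAG_STRIP_BYTE_COUNTS = 278, 279
TYPE_SHORT, TYPE_LONG = 3, 4


class TiffCheckError(ValueError):
    """Raised when the file fails one of the sanity checks below."""


def _field_values(data, endian, typ, count, raw):
    """Integer values of a SHORT/LONG field (None for other types). Values that fit in
    4 bytes are stored inline, left-justified; larger arrays live at a file offset."""
    if typ not in (TYPE_SHORT, TYPE_LONG):
        return None
    fmt, size = ("H", 2) if typ == TYPE_SHORT else ("I", 4)
    total = size * count
    if total <= 4:
        buf = raw[:total]
    else:
        off = struct.unpack(endian + "I", raw)[0]
        if off + total > len(data):
            raise TiffCheckError("field data points past end of file")
        buf = data[off:off + total]
    return [v[0] for v in struct.iter_unpack(endian + fmt, buf)]


def check_strips(data):
    """Parse the header and first IFD, then cross-check the strip tables against each
    other, against ImageLength/RowsPerStrip and against the file size. Returns the
    strip count or raises TiffCheckError."""
    if len(data) < 8 or data[:2] not in (b"II", b"MM"):
        raise TiffCheckError("not a TIFF header")
    endian = "<" if data[:2] == b"II" else ">"
    magic, ifd_off = struct.unpack(endian + "HI", data[2:8])
    if magic != 42 or ifd_off + 2 > len(data):
        raise TiffCheckError("bad magic or first IFD offset")
    n_entries = struct.unpack(endian + "H", data[ifd_off:ifd_off + 2])[0]
    if ifd_off + 2 + 12 * n_entries + 4 > len(data):
        raise TiffCheckError("IFD runs past end of file")
    fields = {}
    for i in range(n_entries):
        base = ifd_off + 2 + 12 * i
        tag, typ, count = struct.unpack(endian + "HHI", data[base:base + 8])
        fields[tag] = _field_values(data, endian, typ, count, data[base + 8:base + 12])
    offsets, counts = fields.get(TAG_STRIP_OFFSETS), fields.get(TAG_STRIP_BYTE_COUNTS)
    if offsets is None or counts is None:
        raise TiffCheckError("StripOffsets or StripByteCounts missing")
    if len(offsets) != len(counts):
        raise TiffCheckError("StripOffsets has %d entries, StripByteCounts has %d"
                             % (len(offsets), len(counts)))
    length, rps = fields.get(TAG_IMAGE_LENGTH), fields.get(TAG_ROWS_PER_STRIP)
    if length and rps and rps[0] > 0:
        expected = (length[0] + rps[0] - 1) // rps[0]
        if expected != len(offsets):
            raise TiffCheckError("ImageLength/RowsPerStrip imply %d strips, table has %d"
                                 % (expected, len(offsets)))
    for off, cnt in zip(offsets, counts):
        if off + cnt > len(data):
            raise TiffCheckError("strip at %d (%d bytes) runs past end of file" % (off, cnt))
    return len(offsets)


def strip_table_problem(data):
    """Convenience wrapper: None when the file passes, otherwise the failure reason."""
    try:
        check_strips(data)
        return None
    except TiffCheckError as exc:
        return str(exc)


def build_tiff(strips, byte_counts=None, image_length=None, rows_per_strip=1):
    """Constructed test input (not a real-world sample): a 4-pixel-wide, 8-bit grayscale
    little-endian TIFF whose strip tables are derived from `strips`. `byte_counts` and
    `image_length` let a test write a deliberately inconsistent file."""
    if byte_counts is None:
        byte_counts = [len(s) for s in strips]
    if image_length is None:
        image_length = len(strips) * rows_per_strip
    ifd_end = 8 + 2 + 12 * 8 + 4                      # header + 8-entry IFD
    ext = sum(4 * k for k in (len(strips), len(byte_counts)) if 4 * k > 4)
    offsets, pos = [], ifd_end + ext                  # pixel data follows the arrays
    for s in strips:
        offsets.append(pos)
        pos += len(s)
    tags = [(256, TYPE_SHORT, [4]), (257, TYPE_SHORT, [image_length]), (258, TYPE_SHORT, [8]),
            (259, TYPE_SHORT, [1]), (262, TYPE_SHORT, [1]), (273, TYPE_LONG, offsets),
            (278, TYPE_SHORT, [rows_per_strip]), (279, TYPE_LONG, byte_counts)]
    entries, extra = b"", b""
    for tag, typ, vals in tags:
        packed = struct.pack("<" + ("H" if typ == TYPE_SHORT else "I") * len(vals), *vals)
        if len(packed) <= 4:
            raw = packed.ljust(4, b"\0")               # inline, left-justified
        else:
            raw = struct.pack("<I", ifd_end + len(extra))
            extra += packed
        entries += struct.pack("<HHI", tag, typ, len(vals)) + raw
    return (b"II" + struct.pack("<HI", 42, 8) + struct.pack("<H", len(tags))
            + entries + struct.pack("<I", 0) + extra + b"".join(strips))
```

The check only looks at the first IFD and at the file as written; libtiff's strip chopping splits a single large uncompressed strip into smaller ones in memory, so a file that passes here can still have a different td_nstrips once opened. Treat a rejection as grounds to quarantine the file, not as proof of an exploit attempt.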

Defensive priority

Medium. The main impact is availability, but the issue can still be relevant in any environment that routinely opens untrusted TIFF files. Prioritize if libtiff is part of a high-volume file ingestion or conversion path.

Recommended defensive actions

  • Inventory systems that ship or depend on libtiff, including any use of tiffsplit.
  • Limit or sandbox processing of untrusted TIFF files where practical.
  • Apply vendor or distribution updates referenced for this CVE when available.
  • Monitor crash reports and abnormal exits in TIFF-processing workflows.
  • Treat TIFF files from untrusted sources as potentially malicious input and validate them before processing.
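One way to combine the sandboxing and crash-monitoring items above, as an added example that is not part of this debrief or of libtiff: a Python wrapper that runs a TIFF utility such as tiffsplit as a child process under address-space, CPU and wall-clock limits and classifies how it exited, so that a signal-terminated run (the outward symptom of an out-of-bounds read) is recorded as a crash rather than lost among ordinary non-zero exits. The function names and default limits are my own choices; tiffsplit's real command line (tiffsplit <input> <prefix>) appears only in the __main__ block, and python_child is a test helper that stands in for the tool.

```python
import resource
import signal
import subprocess
import sys
from dataclasses import dataclass
from typing import Optional


@dataclass
class ToolResult:
    status: str                 # "ok", "error", "crash" or "timeout"
    returncode: Optional[int]   # None when the run timed out
    signal_name: Optional[str]  # e.g. "SIGSEGV" when status == "crash"
    stderr: str


def classify_exit(returncode):
    """Map a child's return code to (status, signal_name). subprocess reports a child
    killed by signal N as -N; that is what a memory-safety crash looks like from outside."""
    if returncode == 0:
        return "ok", None
    if returncode < 0:
        try:
            return "crash", signal.Signals(-returncode).name
        except ValueError:
            return "crash", "SIG%d" % -returncode
    return "error", None


def _limiter(mem_mb, cpu_s):
    """Return a preexec_fn that caps the child's address space and CPU time and
    disables core files (so a crash loop cannot fill the disk). Requested limits are
    clamped to the current hard limit, because raising above it would fail."""
    def clamp(res, wanted):
        _soft, hard = resource.getrlimit(res)
        if hard != resource.RLIM_INFINITY:
            wanted = min(wanted, hard)
        resource.setrlimit(res, (wanted, hard))

    def apply():
        clamp(resource.RLIMIT_AS, mem_mb * 1024 * 1024)
        clamp(resource.RLIMIT_CPU, cpu_s)
        clamp(resource.RLIMIT_CORE, 0)
    return apply


def run_tiff_tool(argv, timeout_s=30, mem_mb=1024, cpu_s=20):
    """Run a TIFF utility on untrusted input under resource limits and classify the exit."""
    try:
        proc = subprocess.run(argv, capture_output=True, timeout=timeout_s,
                              preexec_fn=_limiter(mem_mb, cpu_s))
    except subprocess.TimeoutExpired as exc:
        err = exc.stderr.decode(errors="replace") if exc.stderr else ""
        return ToolResult("timeout", None, None, err)
    status, sig = classify_exit(proc.returncode)
    return ToolResult(status, proc.returncode, sig, proc.stderr.decode(errors="replace"))


def python_child(code):
    """Test helper (hypothetical): argv for a throwaway Python child that simulates
    how a tool might exit, so the wrapper can be exercised without tiffsplit installed."""
    return [sys.executable, "-c", code]


if __name__ == "__main__":
    # Real-world use: tiffsplit <input.tif> <output-prefix>. A "crash" result is the
    # event a monitoring pipeline should alert on, quarantining the input for triage.
    if len(sys.argv) > 1:
        result = run_tiff_tool(["tiffsplit", sys.argv[1], "untrusted_"])
        print(result.status, result.returncode, result.signal_name)
```

Core files are disabled here to keep a crash loop from exhausting disk; if a triage workflow wants cores, raise RLIMIT_CORE for a dedicated, quota-limited directory instead. The address-space cap also turns a runaway allocation into an "error" or "crash" record rather than an out-of-memory condition for the host.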

Evidence notes

The description and CVSS data come from the official CVE/NVD record. NVD lists libtiff 4.0.6 as vulnerable, assigns CWE-125, and gives the vector CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H. MITRE/NVD references include an issue tracker entry, Debian security advisory, OSS security mailing list notices, SecurityFocus, and Gentoo GLSA, all consistent with a publicly disclosed TIFF parsing flaw causing denial of service.

Official resources

Publicly disclosed on 2017-01-18, based on the CVE published date provided in the source record.