CVE-2025-9900 is a write-what-where condition vulnerability in libtiff3, an older version of the libtiff library used to manipulate TIFF image files. The vulnerability occurs when processing a TIFF file with an abnormally large image height metadata value, allowing an attacker to write arbitrary color data to arbitrary memory locations. This can cause memory corruption leading to denial of service or arbitrary code execution with user-level privileges. Red Hat has released security updates for compat-libtiff3 packages in Red Hat Enterprise Linux 8 and 8.4 Extended Update Support to address this issue. The CVSS 3.1 score is 8.8 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H), reflecting network attack vector, low attack complexity, no privileges required, user interaction required, unchanged scope, and high impact on confidentiality, integrity, and availability.

Successful exploitation of this vulnerability can lead to arbitrary code execution or denial of service on affected systems running vulnerable versions of libtiff3. The attacker can execute code with the privileges of the user running the application that processes the malicious TIFF file. This can compromise system confidentiality, integrity, and availability. No known exploits in the wild have been reported as of the advisory date.

Red Hat has released updated compat-libtiff3 packages that fix CVE-2025-9900. Users running affected versions of Red Hat Enterprise Linux 8 and 8.4 Extended Update Support should apply these security updates as detailed in the Red Hat advisories RHSA-2025:17651 and RHSA-2025:17675. The advisories and update instructions are available at https://access.redhat.com/articles/11258. Applying these official patches is the recommended remediation. No additional mitigation steps are indicated by the vendor.