CVE-2026-4775: Integer Overflow or Wraparound in Red Hat Enterprise Linux 10

Severity: High
Published: Tue Mar 24 2026 (03/24/2026, 14:42:47 UTC)
Source: CVE Database V5
Vendor/Project: Red Hat
Product: Red Hat Enterprise Linux 10

Description

CVE-2026-4775 is a high-severity vulnerability in the libtiff library used by Red Hat Enterprise Linux 10. It involves a signed integer overflow in the putcontig8bitYCbCr44tile function triggered by a specially crafted TIFF file. This overflow leads to incorrect memory pointer calculations, causing an out-of-bounds heap write. Exploitation can result in denial of service via application crashes or potentially arbitrary code execution. The vulnerability requires local access with limited privileges and user interaction to trigger. No known exploits are currently reported in the wild. Due to the critical nature of the flaw affecting confidentiality, integrity, and availability, timely patching and mitigation are essential for affected systems.

AI-Powered Analysis

Machine-generated threat intelligence

Last updated: 03/24/2026, 16:00:57 UTC

Technical Analysis

CVE-2026-4775 is a vulnerability identified in the libtiff library component of Red Hat Enterprise Linux 10. The flaw is a signed integer overflow (wraparound) in the putcontig8bitYCbCr44tile function, which processes tile data while reading TIFF image files. When a specially crafted TIFF file is processed, the overflow produces incorrect pointer calculations, leading to an out-of-bounds heap write. This memory corruption can crash the application (denial of service) or, more critically, allow an attacker to execute arbitrary code with the privileges of the affected process. Exploitation requires user interaction, such as opening or processing the malicious TIFF file. The CVSS v3.1 base score of 7.8 (High) reflects high impact on confidentiality, integrity, and availability: the attack vector is local (AV:L), attack complexity is low (AC:L), no privileges are required (PR:N), user interaction is required (UI:R), and scope is unchanged (S:U). No public exploits have been reported yet, but the nature of the flaw makes it a significant risk if a working exploit appears. The flaw underscores the risk posed by integer overflows in image processing libraries, which are embedded in many applications and services.

Potential Impact

The vulnerability can have severe consequences for organizations running Red Hat Enterprise Linux 10 with the vulnerable libtiff library. Successful exploitation can lead to denial of service, disrupting critical services that rely on image processing. More alarmingly, arbitrary code execution could allow attackers to gain control over affected systems, potentially leading to data breaches, lateral movement within networks, and persistent access. Since libtiff is widely used in various applications, including web services, document processing, and multimedia tools, the attack surface is broad. Organizations handling untrusted TIFF files, such as email gateways, file upload services, or user-facing applications, are particularly at risk. The requirement for user interaction limits automated exploitation but does not eliminate risk, especially in environments where users may open or process untrusted files. The absence of known exploits currently provides a window for proactive mitigation, but the high severity score demands urgent attention to prevent future attacks.

Mitigation Recommendations

Organizations should prioritize applying official patches from Red Hat as soon as they become available to address this vulnerability. In the interim, restrict or monitor the processing of TIFF files from untrusted sources, especially in user-facing applications. Implement strict input validation and sandboxing for image processing components to limit the impact of potential exploitation. Employ application whitelisting and least privilege principles to reduce the risk of arbitrary code execution. Security teams should enhance monitoring for unusual application crashes or suspicious behavior related to image processing services. User education is important to reduce the likelihood of opening malicious files. Additionally, consider deploying runtime protections such as Address Space Layout Randomization (ASLR) and Data Execution Prevention (DEP) to mitigate exploitation attempts. Regularly review and update incident response plans to handle potential exploitation scenarios involving this vulnerability.


Technical Details

Data Version: 5.2
Assigner Short Name: redhat
Date Reserved: 2026-03-24T14:26:05.988Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 69c2b1b4f4197a8e3b48d204

Added to database: 3/24/2026, 3:45:56 PM

Last enriched: 3/24/2026, 4:00:57 PM

Last updated: 3/24/2026, 4:47:42 PM
