What is CVE-2025-9900?

CVE-2025-9900 is a high-severity vulnerability in Red Hat Ai Inference Server 3.2, classified under Write-what-where Condition. CVSS score: 8.8/10. Published 2025-09-23.

How severe is CVE-2025-9900?

High severity. CVSS v3 base score is 8.8 out of 10.

Is CVE-2025-9900 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Red Hat Ai Inference Server 3.2

CVE-2025-9900

A flaw was found in Libtiff. This vulnerability is a "write-what-where" condition, triggered when the library processes a specially crafted TIFF image file. By providing an abnormally large image height value in the file's metadata, an at…

EPSS: 0.000 (12.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.8 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H.

Affected products

Red Hat Ai Inference Server 3.2 — versions sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b, sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57, sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7
Red Hat Discovery 2 — versions sha256:310df392f638ef6eca1a26db024ae2cb617db5932f886d2acddc92fb7289e740
Red Hat Enterprise Linux 10 — versions 0:4.6.0-6.el10_0.1, 0:4.6.0-6.el10_1.1
Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 7 Extended Lifecycle Support — versions 0:3.9.4-12.el7_9.1, 0:4.0.3-35.el7_9.1
Red Hat Enterprise Linux 8 — versions 0:3.9.4-14.el8_10, 0:4.0.9-35.el8_10, 0:4.0.9-3.el8_10
Red Hat Enterprise Linux 8.2 Advanced Update Support — versions 0:3.9.4-13.el8_2.1, 0:4.0.9-17.el8_2.1, 0:8.10-3.el8_2.1
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support — versions 0:3.9.4-13.el8_4.1, 0:4.0.9-18.el8_4.1, 0:8.10-3.el8_4.1
Red Hat Enterprise Linux 8.4 Extended Update Support Long-life Add-on — versions 0:3.9.4-13.el8_4.1, 0:4.0.9-18.el8_4.1, 0:8.10-3.el8_4.1
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support — versions 0:3.9.4-13.el8_6.1, 0:4.0.9-21.el8_6.1, 0:8.10-3.el8_6.1

Weakness classification (CWE)

CWE-123 — Write-what-where Condition

Public proof-of-concept exploits

References

RHSA-2025:17651 (vendor-advisory, x_refsource_REDHAT)
RHSA-2025:17675 (vendor-advisory, x_refsource_REDHAT)
RHSA-2025:17710 (vendor-advisory, x_refsource_REDHAT)
RHSA-2025:17738 (vendor-advisory, x_refsource_REDHAT)
RHSA-2025:17739 (vendor-advisory, x_refsource_REDHAT)
RHSA-2025:17740 (vendor-advisory, x_refsource_REDHAT)
RHSA-2025:19113 (vendor-advisory, x_refsource_REDHAT)
RHSA-2025:19156 (vendor-advisory, x_refsource_REDHAT)
RHSA-2025:19276 (vendor-advisory, x_refsource_REDHAT)
RHSA-2025:19906 (vendor-advisory, x_refsource_REDHAT)

Frequently asked questions

What is CVE-2025-9900?: CVE-2025-9900 is a high-severity vulnerability in Red Hat Ai Inference Server 3.2, classified under Write-what-where Condition. CVSS score: 8.8/10. Published 2025-09-23.
How severe is CVE-2025-9900?: High severity. CVSS v3 base score is 8.8 out of 10.
Is CVE-2025-9900 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.