Описание
A flaw was found in GIMP when processing XCF image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing use-after-free issues.
Пакеты
Пакет | Статус | Версия исправления | Релиз | Тип |
---|---|---|---|---|
gimp | fixed | 3.0.0~RC1-4 | package |
Примечания
https://bugzilla.redhat.com/show_bug.cgi?id=2368557
https://gitlab.gnome.org/GNOME/gimp/-/issues/11822
Fixed by: https://gitlab.gnome.org/GNOME/gimp/-/commit/7d949423ed2231dd463968d86b58e0a3e01e6266 (GIMP_3_0_0_RC1)
Fixed by: https://gitlab.gnome.org/GNOME/gimp/-/commit/fe26086e16943860f3852120f546ce913a7a73ee (GIMP_3_0_0_RC1)
Fixed by: https://gitlab.gnome.org/GNOME/gimp/-/commit/e7523ed41271e48a909011b8598d496c1be642e2 (GIMP_3_0_0_RC2)
Fixed by: https://gitlab.gnome.org/GNOME/gimp/-/commit/ebf0b569a63f15b5dc7532f16936104af1e09f02 (gimp-2-10)
"xcf-load: avoid use-after-free for layers with multiple PROP_ACTIVE_LAYER" not needed in 2.10, which only supports one layer
EPSS
Связанные уязвимости
A flaw was found in GIMP when processing XCF image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing use-after-free issues.
A flaw was found in GIMP when processing XCF image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing use-after-free issues.
A flaw was found in GIMP when processing XCF image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing use-after-free issues.
A flaw was found in GIMP when processing XCF image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing use-after-free issues.
EPSS