Описание
ELSA-2025-9501: gimp security update (IMPORTANT)
[2:2.8.22-1.0.3]
- Fixes CVE-2025-5473 (GIMP ICO File Parsing Integer Overflow) [Orabug: 38110877]
- Fixes CVE-2025-48797 (Multiple heap buffer overflows in TGA parser)
- Fixes CVE-2025-48798 (Multiple use after free in XCF parser)
Обновленные пакеты
Oracle Linux 7
Oracle Linux x86_64
gimp
2.8.22-1.0.3.el7
gimp-devel
2.8.22-1.0.3.el7
gimp-devel-tools
2.8.22-1.0.3.el7
gimp-libs
2.8.22-1.0.3.el7
Связанные CVE
Связанные уязвимости
A flaw was found in GIMP when processing certain TGA image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing a heap buffer overflow.
A flaw was found in GIMP when processing certain TGA image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing a heap buffer overflow.