Description
GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of DCM files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-27863.
A heap-based buffer overflow vulnerability was discovered in GIMP’s DICOM (DCM) file parser. The flaw occurs because the application fails to properly validate the length of user-supplied data before copying it to a heap buffer. This can lead to arbitrary code execution when a user opens a specially crafted DCM image file.
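The kind of length check the description says was missing, as an added illustration (this is not GIMP's code or the actual patch). It reads one DICOM explicit-VR little-endian data element and validates the declared value length against both the remaining input and the destination capacity before copying; the function names and the subset of long-form VRs are assumptions made for this example.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Little-endian read of n bytes (n = 2 or 4), no alignment assumptions. */
static uint32_t rd_le(const uint8_t *p, int n) {
    uint32_t v = 0;
    for (int i = n - 1; i >= 0; i--) v = (v << 8) | p[i];
    return v;
}

/* Long-form VRs: 2 reserved bytes then a 32-bit length (subset listed). */
static int vr_is_long(const uint8_t *vr) {
    static const char *long_vrs[] = { "OB", "OW", "OF", "SQ", "UN", "UT" };
    for (size_t i = 0; i < sizeof long_vrs / sizeof *long_vrs; i++)
        if (memcmp(vr, long_vrs[i], 2) == 0) return 1;
    return 0;
}

/* Copy one element's value into dst (capacity dst_cap). Returns 0 and sets
 * *out_len on success, -1 if the declared length cannot be trusted. */
int dcm_copy_value(const uint8_t *in, size_t in_len,
                   uint8_t *dst, size_t dst_cap, size_t *out_len) {
    size_t hdr = 8;                          /* tag(4) + VR(2) + len(2) */
    uint32_t vlen;
    if (in_len < 8) return -1;
    if (vr_is_long(in + 4)) {
        hdr = 12;                            /* tag(4)+VR(2)+rsvd(2)+len(4) */
        if (in_len < hdr) return -1;
        vlen = rd_le(in + 8, 4);
    } else {
        vlen = rd_le(in + 6, 2);
    }
    if (vlen > in_len - hdr) return -1;      /* longer than remaining input */
    if (vlen > dst_cap) return -1;           /* longer than destination buffer */
    memcpy(dst, in + hdr, vlen);
    *out_len = vlen;
    return 0;
}

int main(void) {
    /* Constructed sample: (0010,0010) PN, declared length 4, value "ABCD". */
    const uint8_t el[] = { 0x10,0,0x10,0, 'P','N', 4,0, 'A','B','C','D' };
    uint8_t buf[16]; size_t n = 0;
    int rc = dcm_copy_value(el, sizeof el, buf, sizeof buf, &n);
    printf("rc=%d len=%zu\n", rc, n);
    return 0;
}
```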
Statement
Although this vulnerability is rated Important rather than Critical, the flaw remains technically significant because it enables remote code execution through malformed image content. The vulnerability affects the file parsing layer of GIMP, meaning the malicious payload executes as soon as a crafted DCM file is opened. It is rated Important instead of Critical because successful exploitation requires user interaction (e.g., manually opening a malicious file) and the attack surface is limited to local execution contexts rather than a network-exposed service. The absence of privilege escalation and the requirement for a user to interact with the file reduce the overall severity, though exploitation could still result in full process compromise.
Mitigation
No mitigation is currently available that meets Red Hat Product Security’s standards for usability, deployment, applicability, or stability.
Affected packages
| Platform | Package | State | Advisory | Release |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | gimp | Out of support scope | | |
| Red Hat Enterprise Linux 7 Extended Lifecycle Support | gimp | Fixed | RHSA-2025:22866 | 09.12.2025 |
| Red Hat Enterprise Linux 8 | gimp | Fixed | RHSA-2025:22417 | 01.12.2025 |
| Red Hat Enterprise Linux 8.2 Advanced Update Support | gimp | Fixed | RHSA-2026:0250 | 07.01.2026 |
| Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | gimp | Fixed | RHSA-2025:23857 | 22.12.2025 |
| Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On | gimp | Fixed | RHSA-2025:23857 | 22.12.2025 |
| Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support | gimp | Fixed | RHSA-2026:0356 | 08.01.2026 |
| Red Hat Enterprise Linux 8.6 Telecommunications Update Service | gimp | Fixed | RHSA-2026:0356 | 08.01.2026 |
| Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions | gimp | Fixed | RHSA-2026:0356 | 08.01.2026 |
| Red Hat Enterprise Linux 8.8 Telecommunications Update Service | gimp | Fixed | RHSA-2026:0027 | 05.01.2026 |
Additional information
Status:
7.8 High
CVSS3