Описание
Security update for gimp
This update for gimp fixes the following issues:
- CVE-2025-6035: Fixed Integer Overflow or Wraparound in GIMP Despeckle Filter (bsc#1244536).
Список пакетов
SUSE Linux Enterprise Module for Package Hub 15 SP6
gimp-2.10.30-150400.3.23.1
gimp-devel-2.10.30-150400.3.23.1
gimp-lang-2.10.30-150400.3.23.1
gimp-plugin-aa-2.10.30-150400.3.23.1
libgimp-2_0-0-2.10.30-150400.3.23.1
libgimpui-2_0-0-2.10.30-150400.3.23.1
SUSE Linux Enterprise Module for Package Hub 15 SP7
gimp-2.10.30-150400.3.23.1
gimp-devel-2.10.30-150400.3.23.1
gimp-lang-2.10.30-150400.3.23.1
gimp-plugin-aa-2.10.30-150400.3.23.1
libgimp-2_0-0-2.10.30-150400.3.23.1
libgimpui-2_0-0-2.10.30-150400.3.23.1
SUSE Linux Enterprise Workstation Extension 15 SP6
gimp-2.10.30-150400.3.23.1
gimp-devel-2.10.30-150400.3.23.1
gimp-lang-2.10.30-150400.3.23.1
libgimp-2_0-0-2.10.30-150400.3.23.1
libgimpui-2_0-0-2.10.30-150400.3.23.1
SUSE Linux Enterprise Workstation Extension 15 SP7
gimp-2.10.30-150400.3.23.1
gimp-devel-2.10.30-150400.3.23.1
gimp-lang-2.10.30-150400.3.23.1
libgimp-2_0-0-2.10.30-150400.3.23.1
libgimpui-2_0-0-2.10.30-150400.3.23.1
openSUSE Leap 15.6
gimp-2.10.30-150400.3.23.1
gimp-devel-2.10.30-150400.3.23.1
gimp-lang-2.10.30-150400.3.23.1
gimp-plugin-aa-2.10.30-150400.3.23.1
libgimp-2_0-0-2.10.30-150400.3.23.1
libgimp-2_0-0-32bit-2.10.30-150400.3.23.1
libgimpui-2_0-0-2.10.30-150400.3.23.1
libgimpui-2_0-0-32bit-2.10.30-150400.3.23.1
Ссылки
- Link for SUSE-SU-2025:02367-1
- E-Mail link for SUSE-SU-2025:02367-1
- SUSE Security Ratings
- SUSE Bug 1244536
- SUSE CVE CVE-2025-6035 page
Описание
A flaw was found in GIMP. An integer overflow vulnerability exists in the GIMP "Despeckle" plug-in. The issue occurs due to unchecked multiplication of image dimensions, such as width, height, and bytes-per-pixel (img_bpp), which can result in allocating insufficient memory and subsequently performing out-of-bounds writes. This issue could lead to heap corruption, a potential denial of service (DoS), or arbitrary code execution in certain scenarios.
Затронутые продукты
SUSE Linux Enterprise Module for Package Hub 15 SP6:gimp-2.10.30-150400.3.23.1
SUSE Linux Enterprise Module for Package Hub 15 SP6:gimp-devel-2.10.30-150400.3.23.1
SUSE Linux Enterprise Module for Package Hub 15 SP6:gimp-lang-2.10.30-150400.3.23.1
SUSE Linux Enterprise Module for Package Hub 15 SP6:gimp-plugin-aa-2.10.30-150400.3.23.1
Ссылки
- CVE-2025-6035
- SUSE Bug 1244536