gimp-3.0.4-1.el9_7.3
エラータID: AXSA:2026-197:02
The GIMP (GNU Image Manipulation Program) is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo.
Security Fix(es):
* gimp: heap-based buffer overflow via specially crafted PSP file (CVE-2025-15059)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2025-15059
GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PSP files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28232.
Update packages.
GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PSP files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28232.
N/A
SRPMS
- gimp-3.0.4-1.el9_7.3.src.rpm
MD5: 1b9fea1c5529dd21bd8a860495ab0a6d
SHA-256: e1dc9612420909b99e2a8690f9db005b3066b2bbd6f926344965a96037f44fbc
Size: 25.86 MB
Asianux Server 9 for x86_64
- gimp-3.0.4-1.el9_7.3.x86_64.rpm
MD5: 7e170f211b616cca495365a5cb928ba2
SHA-256: 11a79ac6891ddb5f7d738fbc46717f9ee78f1cfe8450165ee4a8b8dd5c4edd03
Size: 20.92 MB - gimp-libs-3.0.4-1.el9_7.3.i686.rpm
MD5: 4571aa6595ff10760d958ca54e8b02f1
SHA-256: 9299337a6cc7e6b4c2d1bcb3d559eed47755462fb66044f13f1612b34dbdfa29
Size: 850.96 kB - gimp-libs-3.0.4-1.el9_7.3.x86_64.rpm
MD5: fd7135aac0487352df5e2373b50ed442
SHA-256: 4939ccaf81495c106e6557d71510356eb3e1b69beb38a7497925a9d28dff02b7
Size: 802.37 kB