[security - high] gimp:2.8 security update

Errata ID: AXSA:2026-712:01

Release date: 
2026/05/24 Sunday - 16:15
Title: 
[security - high] gimp:2.8 security update
Affected channels: 
Asianux Server 8 for x86_64
Severity: 
High
Description: 

The GIMP (GNU Image Manipulation Program) is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo.

Security Fix(es):

* gimp: GIMP: Memory disclosure and denial of service via specially crafted PCX image (CVE-2026-4887)
* gimp: GIMP: Remote Code Execution via XPM File Parsing Integer Overflow (CVE-2026-4154)
* GIMP: GIMP: Arbitrary code execution via specially crafted PSD file (CVE-2026-4150)
* gimp: GIMP: Remote Code Execution via PSP file parsing (CVE-2026-4153)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2026-4150
GIMP PSD File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PSD files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28807.
CVE-2026-4153
GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PSP files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28874.
CVE-2026-4154
GIMP XPM File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XPM files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28901.
CVE-2026-4887
A flaw was found in GIMP. This issue is a heap buffer over-read in GIMP PCX file loader due to an off-by-one error. A remote attacker could exploit this by convincing a user to open a specially crafted PCX image. Successful exploitation could lead to out-of-bounds memory disclosure and a possible application crash, resulting in a Denial of Service (DoS).
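
The two bug classes named above are an integer overflow before a buffer allocation (CVE-2026-4150, CVE-2026-4154) and a length copied to a heap buffer without validation (CVE-2026-4153). The following added example shows the checks that prevent each in a generic image loader. It is not GIMP's code and is not taken from this advisory; the function names, the 1 GiB cap and the header values are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_IMAGE_BYTES ((size_t)1 << 30) /* assumed policy cap: 1 GiB */

/* Unchecked: 32-bit arithmetic wraps silently, so the result can be far
 * smaller than the pixel data the header describes. */
uint32_t naive_image_size(uint32_t width, uint32_t height, uint32_t bpp)
{
    return width * height * bpp;
}

/* Checked: returns 0 and sets *out only if width*height*bpp is non-zero,
 * cannot wrap, and stays under the cap; returns -1 otherwise. */
int checked_image_size(uint32_t width, uint32_t height, uint32_t bpp,
                       size_t *out)
{
    size_t pixels;
    if (width == 0 || height == 0 || bpp == 0)
        return -1;
    if (width > MAX_IMAGE_BYTES / height)
        return -1;
    pixels = (size_t)width * height;
    if (pixels > MAX_IMAGE_BYTES / bpp)
        return -1;
    *out = pixels * bpp;
    return 0;
}

/* Copy a length-prefixed chunk only if the declared length fits both the
 * bytes actually available and the destination buffer. */
int copy_chunk(uint8_t *dst, size_t dst_cap, const uint8_t *src,
               size_t src_avail, uint32_t declared_len)
{
    if (declared_len > src_avail || declared_len > dst_cap)
        return -1;
    memcpy(dst, src, declared_len);
    return 0;
}

int main(void)
{
    size_t n = 0; /* constructed header values: 0x10000 x 0x10001, 4 bytes/px */
    printf("naive: %u bytes\n", (unsigned)naive_image_size(0x10000, 0x10001, 4));
    printf("checked: %d\n", checked_image_size(0x10000, 0x10001, 4, &n));
    return 0;
}
```

With the constructed header values, the unchecked computation yields a 256 KiB allocation size for an image whose rows would need roughly 16 GiB, while the checked version rejects the header before any allocation happens.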

Modularity name: "gimp"
Stream name: "2.8"

Solution: 

Update packages.

Additional information: 

N/A

Downloads: 

SRPMS
  1. gimp-2.8.22-26.module+el8+1980+e446a9b7.6.src.rpm
    MD5: fa35a2527e6a81d2755db5afb63c7208
    SHA-256: 147c02cfb8929db873541cd560fec98fff0a8b0fd88b6c12310baaa6277ce106
    Size: 20.07 MB
  2. pygobject2-2.28.7-5.module+el8+1980+e446a9b7.src.rpm
    MD5: be32f3c1fecf81b1b6d24cb7db269302
    SHA-256: c8f5cc53c846e483bf80c336fb53667ded083165527cc4a3336b663712eccb15
    Size: 750.83 kB
  3. pygtk2-2.24.0-25.module+el8+1980+e446a9b7.src.rpm
    MD5: 16378ae179ceb263e6be8f1e5d91a68a
    SHA-256: 2cee160e70262c9b1a6b249e5e93a14a25a50dbd47f5f26dbadeb9c1b5ea8658
    Size: 2.28 MB
  4. python2-pycairo-1.16.3-7.module+el8+1980+e446a9b7.src.rpm
    MD5: e1c97dae0626b9ad122146bd79713b07
    SHA-256: 14a1187198e539cd7a5defba558700731934e90f0f5db3cce1127d1abd7c1e96
    Size: 199.60 kB

Asianux Server 8 for x86_64
  1. gimp-2.8.22-26.module+el8+1980+e446a9b7.6.x86_64.rpm
    MD5: 7ea6ac8f041ccaf21d2042058dffad42
    SHA-256: 37951cf184826d1bc0462b38379fc50a5ca374336beec5b6f540bf490c6d6279
    Size: 14.96 MB
  2. gimp-debugsource-2.8.22-26.module+el8+1980+e446a9b7.6.x86_64.rpm
    MD5: ee42b15f2be0df809299842855d1ede0
    SHA-256: 1cd8a9721db34aeffd2b51796203f541db2c5164c34f3780e80fa912779c62f4
    Size: 4.50 MB
  3. gimp-devel-2.8.22-26.module+el8+1980+e446a9b7.6.x86_64.rpm
    MD5: d1a5295183e3d8cb2452cc231db0a33b
    SHA-256: 2b410a7f5f15d3417786f6c4c9373c6c48c1299c963f7f3a87018c34c03dc43c
    Size: 940.58 kB
  4. gimp-devel-tools-2.8.22-26.module+el8+1980+e446a9b7.6.x86_64.rpm
    MD5: f975d59359a5cd2dd5e97839297a5dee
    SHA-256: accee1af9b7a549c53e6dd2a25ae1e5ca5c6cc3da13c3ff07649474753daee9b
    Size: 79.59 kB
  5. gimp-libs-2.8.22-26.module+el8+1980+e446a9b7.6.x86_64.rpm
    MD5: bc3517322347c410705f7ca8dcddf96c
    SHA-256: d60b0c6fde1f5e20a1c39c97a58103b37907a18a453f0ebc053e2aba5a7e3a53
    Size: 1.40 MB
  6. pygobject2-2.28.7-5.module+el8+1980+e446a9b7.x86_64.rpm
    MD5: 6037888667e8e4f6428c0c6f96b09d82
    SHA-256: b2b706902a918ef3da7ce1939eb3f690a5b939ec9cf94f9cd0c6225caa0825d7
    Size: 235.27 kB
  7. pygobject2-codegen-2.28.7-5.module+el8+1980+e446a9b7.x86_64.rpm
    MD5: 735ac355fd652b44e782be9a0dd99218
    SHA-256: f1569762fd9d7be0fdf36e870236fef5b94056de4eed3ac1e5b6747c0307244c
    Size: 108.40 kB
  8. pygobject2-debugsource-2.28.7-5.module+el8+1980+e446a9b7.x86_64.rpm
    MD5: 087f7e724438f1decd02814a98d909ee
    SHA-256: 19678da75d4d801ef416a6345cb8da90be30bcd5e68a0fefc77f7f6bab7bfaf4
    Size: 156.13 kB
  9. pygobject2-devel-2.28.7-5.module+el8+1980+e446a9b7.x86_64.rpm
    MD5: cb76c3c5f1f83999c5ee45a7cb19d4e6
    SHA-256: c82366f044e916c0cbedaddcd8bbae959e7801a6812c0d6581b46d2e1f65073a
    Size: 71.83 kB
  10. pygobject2-doc-2.28.7-5.module+el8+1980+e446a9b7.x86_64.rpm
    MD5: 6b32b00eab5800bb33e5f24f1c447126
    SHA-256: b8d9aab3124defc2a0f960bd31c55334e8d7cf9208904352e535e5759a860245
    Size: 129.60 kB
  11. pygtk2-2.24.0-25.module+el8+1980+e446a9b7.x86_64.rpm
    MD5: db772b84a236e2c36ebb8c7f24984321
    SHA-256: 1ba62038b88ee3166f32d763dd7e0e4b38e5fe1be8c8b75f4681e1906a2d7e3b
    Size: 928.56 kB
  12. pygtk2-codegen-2.24.0-25.module+el8+1980+e446a9b7.x86_64.rpm
    MD5: eab808aead8f245a2f96e453bf8b8313
    SHA-256: c6a545709b6f0a518919e36cc80cfcb81b5e7efb6c00363aa19a8622f1da7aa3
    Size: 22.19 kB
  13. pygtk2-debugsource-2.24.0-25.module+el8+1980+e446a9b7.x86_64.rpm
    MD5: 99c495cc1f980a71f02637c251dffefd
    SHA-256: c292dee5af2a75fee28dec18f4344969420c44df706393f6ffbc1de587ae4d47
    Size: 464.89 kB
  14. pygtk2-devel-2.24.0-25.module+el8+1980+e446a9b7.x86_64.rpm
    MD5: 542b5289588afabc7a3a14db816905f1
    SHA-256: a5029b995a7965750567a954423e72fe355239bc3002672e7b5972ee75e63c42
    Size: 151.10 kB
  15. pygtk2-doc-2.24.0-25.module+el8+1980+e446a9b7.noarch.rpm
    MD5: 72b6e01d0db285d0a9b3911c927a3b04
    SHA-256: 3e6b2ba8e0c1d18c480c93ac2973c2c531df1fffe962a091a3cb0e3c2e1f94a0
    Size: 1.19 MB
  16. python2-cairo-1.16.3-7.module+el8+1980+e446a9b7.x86_64.rpm
    MD5: 02500b0041f3e355df91ba16cff53c1c
    SHA-256: d293bfd9a77f258faff587e93e3ce5f2297a044c0f877c024fdd29da2c91978e
    Size: 88.66 kB
  17. python2-cairo-devel-1.16.3-7.module+el8+1980+e446a9b7.x86_64.rpm
    MD5: 0f52e328b4d3d5705d748ed059d853ee
    SHA-256: ef60e50725c78e254dc09c4db44845de9b90f9891b29d7adde7da2c07b11eb11
    Size: 15.97 kB
  18. python2-pycairo-debugsource-1.16.3-7.module+el8+1980+e446a9b7.x86_64.rpm
    MD5: 038cb99c45eeb082c2e91378a9c629c7
    SHA-256: f6781b41918eaa65cfd823c6d02772c26465ba8c6581c0b34bc79d9504d19e1b
    Size: 55.97 kB