[security - high] gimp:2.8 security update
Errata ID: AXSA:2025-11502:01
The GIMP (GNU Image Manipulation Program) is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo.
Security Fix(es):
* gimp: GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability (CVE-2025-10922)
* gimp: GIMP ICNS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability (CVE-2025-10920)
* gimp: GIMP WBMP File Parsing Integer Overflow Remote Code Execution Vulnerability (CVE-2025-10923)
* gimp: GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability (CVE-2025-10921)
* gimp: GIMP ILBM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability (CVE-2025-10925)
* gimp: GIMP FF File Parsing Integer Overflow Remote Code Execution Vulnerability (CVE-2025-10924)
* gimp: GIMP XWD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability (CVE-2025-10934)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2025-10920
GIMP ICNS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ICNS files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-27684.
CVE-2025-10921
GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of HDR files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-27803.
CVE-2025-10922
GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DCM files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-27863.
CVE-2025-10923
GIMP WBMP File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of WBMP files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-27878.
CVE-2025-10924
GIMP FF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FF files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-27836.
CVE-2025-10925
GIMP ILBM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ILBM files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-27793.
CVE-2025-10934
GIMP XWD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XWD files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-27823.
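The two defect classes named in the descriptions above (an integer overflow before a buffer is allocated, and a length that is never validated before a copy into a fixed-size buffer) in a minimal C illustration. This is added example code, not GIMP's plug-in code; the function and constant names, the 32-bit size arithmetic and the little-endian length-prefixed field layout are assumptions made for the illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* Hypothetical fixed-size destination, standing in for the stack or heap
 * buffer of a chunk/tag parser (the ILBM, DCM, XWD and HDR cases above). */
#define FIELD_MAX 64

/* Unchecked 32-bit size computation: the pattern behind "integer overflow
 * before allocating a buffer" (the WBMP and FF cases). With uint32_t
 * arithmetic 65536 x 65536 x 1 wraps to 0, so the allocation is far too
 * small for the pixel data that is written afterwards. */
uint32_t naive_image_size(uint32_t width, uint32_t height, uint32_t bpp)
{
    return width * height * bpp;
}

/* Hardened version: computes in 64 bits and refuses any product that does
 * not fit the 32-bit size the caller allocates with. Returns 1 on success
 * and stores the size in *out; returns 0 when the request is rejected. */
int checked_image_size(uint32_t width, uint32_t height, uint32_t bpp,
                       uint32_t *out)
{
    uint64_t n;
    if (width == 0 || height == 0 || bpp == 0) return 0;
    n = (uint64_t)width * height;
    if (n > UINT32_MAX / bpp) return 0;   /* n * bpp would exceed UINT32_MAX */
    *out = (uint32_t)(n * bpp);
    return 1;
}

/* Reads a little-endian length-prefixed field from 'data' (len bytes) into
 * a fixed buffer. It rejects a declared length that exceeds either the
 * destination or the bytes actually present; skipping this check is what
 * turns a crafted length into an overflow on the memcpy. Returns the field
 * length, or -1 when the input is rejected. */
int read_field(const uint8_t *data, size_t len, char out[FIELD_MAX])
{
    uint32_t decl;
    if (len < 4) return -1;
    decl = (uint32_t)data[0] | ((uint32_t)data[1] << 8) |
           ((uint32_t)data[2] << 16) | ((uint32_t)data[3] << 24);
    if (decl >= FIELD_MAX || decl > len - 4) return -1;
    memcpy(out, data + 4, decl);
    out[decl] = '\0';
    return (int)decl;
}
```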
Modularity name: "gimp"
Stream name: "2.8"
Update packages.
N/A
SRPMS
- gimp-2.8.22-26.module+el8+1924+a117477d.3.src.rpm
MD5: a16da3fee48ba0c578dc3a39d19dace9
SHA-256: 1737f12bc12e43239998994918498493765196cfb39058d8a6ed3e1164a60d35
Size: 20.06 MB
- pygobject2-2.28.7-5.module+el8+1924+a117477d.src.rpm
MD5: 3d3dc5c5d208e9ba68ed199930826000
SHA-256: cb9a9f9c453c427505f36511bb291b9e130247f6ecc814ac94026b7304831d7e
Size: 750.83 kB
- pygtk2-2.24.0-25.module+el8+1924+a117477d.src.rpm
MD5: 7da616fec8739da6700aee1d825bdd83
SHA-256: 19efff7a8f9c36294c800192de63402a8b0e5f6a36c5b97ed68042eb04cf2aef
Size: 2.28 MB
- python2-pycairo-1.16.3-7.module+el8+1924+a117477d.src.rpm
MD5: 4d0cc5803af26068f4cd6fe4bb34e9ec
SHA-256: 4601bbaa0f088759573d4dce1301cf16e37771859a11640b53d05fa5c2a94b50
Size: 199.60 kB
Asianux Server 8 for x86_64
- gimp-2.8.22-26.module+el8+1924+a117477d.3.x86_64.rpm
MD5: 4df169652627a685852b59920019bb09
SHA-256: c194c9845125bd218d40ee92f29e8fcd91f09e5940074e3055cfdceb167e273d
Size: 14.96 MB
- gimp-debugsource-2.8.22-26.module+el8+1924+a117477d.3.x86_64.rpm
MD5: 3688f7dea0ad8ba91e6370c32b0bef7f
SHA-256: 37470e009d8b59b61f3cc0be1a316e4b381a4fea74e170c63af00bbea771dbb8
Size: 4.50 MB
- gimp-devel-2.8.22-26.module+el8+1924+a117477d.3.x86_64.rpm
MD5: 8e12649a2de6122c8491a468f734a83b
SHA-256: 98e5fb339338a8a0f36c2e3453a99d28aa4cda0418d7ddadd79760d6c6ec2beb
Size: 940.26 kB
- gimp-devel-tools-2.8.22-26.module+el8+1924+a117477d.3.x86_64.rpm
MD5: 1f5f3aabf4725b407717fac1c79e6d03
SHA-256: bdb6ff75a0b3f000fd4ac4950d97fdafdc1e8df32b72b18a1c5ccbaed079bef0
Size: 79.17 kB
- gimp-libs-2.8.22-26.module+el8+1924+a117477d.3.x86_64.rpm
MD5: 6263e4a576cb0ad65b8b70d49a84106f
SHA-256: b91b26c86d7f88c8c60991822c1c68cc9d9a4051b5e67000eb94c94437128c20
Size: 1.40 MB
- pygobject2-2.28.7-5.module+el8+1924+a117477d.x86_64.rpm
MD5: 21474971c9b81f5abe0d40570c944045
SHA-256: 39202da053123e77fe8a4499ff1ec37a84f2a50f77ed771f687cd29835e2c295
Size: 235.12 kB
- pygobject2-codegen-2.28.7-5.module+el8+1924+a117477d.x86_64.rpm
MD5: 1c58ab9a860fdb8627f43fe3ca807d5e
SHA-256: beaf69dcde3accf9973ecf7a8a189fe3e03b1a79460957de198c2e20f8b0675e
Size: 108.41 kB
- pygobject2-debugsource-2.28.7-5.module+el8+1924+a117477d.x86_64.rpm
MD5: b8a57d8d0759bbcaadf3c16935ef88a2
SHA-256: 837ba9e746f8e072137ad1c33b592fbcd21b552673216c663c5ffb9056bce9dd
Size: 156.13 kB
- pygobject2-devel-2.28.7-5.module+el8+1924+a117477d.x86_64.rpm
MD5: d1f376748cac80b210b657062f06c00f
SHA-256: 7bafeeff53bb2c2a7bb7c91324090b8ee2c92efba8b0db324ea0f3bde3f1f8d9
Size: 71.82 kB
- pygobject2-doc-2.28.7-5.module+el8+1924+a117477d.x86_64.rpm
MD5: 8073870560931a764283717b6680c4ce
SHA-256: ff1684513fbc17ac20a99ebf4caa46dad74f40ef22126e57632e1a45c393f7b1
Size: 129.60 kB
- pygtk2-2.24.0-25.module+el8+1924+a117477d.x86_64.rpm
MD5: 6b506f12a63e8c328fc17c2151912f23
SHA-256: 40a3baae5ed552f3e80fe926107d391ea4d3828d1caf68395fe01004ae0476c2
Size: 928.59 kB
- pygtk2-codegen-2.24.0-25.module+el8+1924+a117477d.x86_64.rpm
MD5: 873f1cebbf78d0e5515bd0729dd8c734
SHA-256: 4fd7efd181df8de5058ace8765b3b29d78bcab222e04772ee98c6e7d001acf76
Size: 22.19 kB
- pygtk2-debugsource-2.24.0-25.module+el8+1924+a117477d.x86_64.rpm
MD5: 01d6226f06a73b9111e21890a6bd2da9
SHA-256: c3f6bbd2a38b1f51cc88bf9dd38aba7474ec7adf106a0cd9ad3eea037e6d15ef
Size: 464.90 kB
- pygtk2-devel-2.24.0-25.module+el8+1924+a117477d.x86_64.rpm
MD5: f9adf557994354698f7afbdbe721fa35
SHA-256: 51295d3c905bb380726aaa8c7f9deaea43ae81a1d6fd6000282e7566b47ddad8
Size: 151.10 kB
- pygtk2-doc-2.24.0-25.module+el8+1924+a117477d.noarch.rpm
MD5: 3494e844ff78ee1ccb03c02627a30aea
SHA-256: fdc0d2be4bcc5da6ec366a61a3f9f8f2583dd8926162ff9195c02a8329542a41
Size: 1.19 MB
- python2-cairo-1.16.3-7.module+el8+1924+a117477d.x86_64.rpm
MD5: 48d757a34594a8ed2bfa3db03b7212ef
SHA-256: da68531c9b683fcfab271e5c9a98fbb9518659072abc6dcf98faf895cbc389c9
Size: 88.65 kB
- python2-cairo-devel-1.16.3-7.module+el8+1924+a117477d.x86_64.rpm
MD5: 0f7159d0d8baeaec36c45fc13a30a260
SHA-256: 272be76e1e31697e35e64451b7c589a54e26061c35f6d2cffd2de057fe0f0de4
Size: 15.97 kB
- python2-pycairo-debugsource-1.16.3-7.module+el8+1924+a117477d.x86_64.rpm
MD5: 4ec5166f21b2a8b629dd498f4824af8d
SHA-256: 40dd6112764c4bbf11954b0723ecb1447b3dc1aa8584ec925d064b87d5a9aa31
Size: 55.97 kB