CVE-2026-40915

high
Published 2026-04-15 · Modified 2026-04-28
CVSS v3
7.8
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS v4
—
not yet in upstream
VIR risk
7.8

Description

A flaw was found in GIMP. A remote attacker could exploit an integer overflow vulnerability in the FITS image loader by providing a specially crafted FITS file. This integer overflow leads to a zero-byte memory allocation, which is then subjected to a heap buffer overflow when processing pixel data. Successful exploitation could result in a denial of service (DoS) or potentially arbitrary code execution.
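The failure mode described above (a wrapped size computation yielding a zero-byte allocation that pixel data then overruns) beside its hardened form, as an added C example that is not GIMP's code; the FITS-style field names NAXIS1/NAXIS2/BITPIX, the size limit and the sample geometries are assumptions constructed for illustration:

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdlib.h>
#include <stdio.h>

/* Assumed FITS-style geometry (NAXIS1 x NAXIS2 pixels, BITPIX bits per pixel);
 * hypothetical field names, not GIMP's own structures. */
struct fits_geom { long naxis1; long naxis2; int bitpix; };

/* Naive size computation in 32-bit arithmetic: the product wraps silently
 * (CWE-190), so header values can make it return 0; malloc(0) then "succeeds"
 * and any pixel write into that allocation is a heap buffer overflow. */
uint32_t naive_pixel_bytes(const struct fits_geom *g) {
    uint32_t bpp = (uint32_t)abs(g->bitpix) / 8;
    return (uint32_t)g->naxis1 * (uint32_t)g->naxis2 * bpp;
}

/* Hardened form: validate each field, multiply with overflow detection, and
 * fail closed on a zero result or anything above a sane upper bound. */
bool checked_pixel_bytes(const struct fits_geom *g, size_t limit, size_t *out) {
    if (g->naxis1 <= 0 || g->naxis2 <= 0) return false;
    int bp = abs(g->bitpix);
    if (bp != 8 && bp != 16 && bp != 32 && bp != 64) return false;
    size_t n;
    if (__builtin_mul_overflow((size_t)g->naxis1, (size_t)g->naxis2, &n)) return false;
    if (__builtin_mul_overflow(n, (size_t)bp / 8, &n)) return false;
    if (n == 0 || n > limit) return false;
    *out = n;
    return true;
}

/* Convenience wrapper: the byte count, or 0 when the geometry is rejected. */
size_t pixel_bytes_or_zero(long w, long h, int bitpix, size_t limit) {
    struct fits_geom g = { w, h, bitpix };
    size_t n = 0;
    return checked_pixel_bytes(&g, limit, &n) ? n : 0;
}

int main(void) {
    struct fits_geom wrap = { 65536, 65536, 8 };   /* constructed: 2^32 bytes */
    printf("naive: %u bytes (wrapped to zero)\n", naive_pixel_bytes(&wrap));
    printf("checked: %zu bytes (0 = rejected)\n",
           pixel_bytes_or_zero(wrap.naxis1, wrap.naxis2, wrap.bitpix, (size_t)1 << 30));
    return 0;
}
```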

Predictions

Exploit likelihood
75%
Patch ETA
—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

Mitigation details

Source: Red Hat Errata — Red Hat Inc. · Open-Errata-API

Description

gimp: GIMP: Heap buffer overflow due to integer overflow in FITS image loader

Red Hat statement

Moderate. This flaw in GIMP's FITS image loader could lead to a denial of service or arbitrary code execution when processing a specially crafted FITS file. Exploitation requires user interaction, as a malicious file must be opened by the application. Red Hat Enterprise Linux systems are affected if GIMP is installed and used to open untrusted FITS image files.

CVSS v3: 5.5 (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)

Package state

Product                       Package         State
Red Hat Enterprise Linux 6    gimp            Fix deferred
Red Hat Enterprise Linux 7    gimp            Fix deferred
Red Hat Enterprise Linux 8    gimp:2.8/gimp   Fix deferred
Red Hat Enterprise Linux 9    gimp            Fix deferred

OS impact

OS       Version    Status     Fixed in
debian   bookworm   affected
debian   bullseye   affected
debian   forky      fixed      3.2.2-1
debian   sid        fixed      3.2.2-1
debian   trixie     affected
rhel     6.0        affected
rhel     7.0        affected
rhel     8.0        affected
rhel     9.0        affected

Application impact

Vendor   Product   Versions   Fixed
gimp     gimp      -

References

CWEs

CWE-190
