Vulnerability-Lookup

alsa-2025:22417

Vulnerability from osv_almalinux

Published

2025-12-01 00:00

Modified

2025-12-04 13:28

Summary

Important: gimp:2.8 security update

Details

The GIMP (GNU Image Manipulation Program) is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo.

Security Fix(es):

gimp: GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability (CVE-2025-10922)
gimp: GIMP ICNS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability (CVE-2025-10920)
gimp: GIMP WBMP File Parsing Integer Overflow Remote Code Execution Vulnerability (CVE-2025-10923)
gimp: GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability (CVE-2025-10921)
gimp: GIMP ILBM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability (CVE-2025-10925)
gimp: GIMP FF File Parsing Integer Overflow Remote Code Execution Vulnerability (CVE-2025-10924)
gimp: GIMP XWD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability (CVE-2025-10934)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "gimp"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2:2.8.22-26.module_el8.10.0+4070+64105a56.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "gimp-devel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2:2.8.22-26.module_el8.10.0+4070+64105a56.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "gimp-devel-tools"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2:2.8.22-26.module_el8.10.0+4070+64105a56.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "gimp-libs"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2:2.8.22-26.module_el8.10.0+4070+64105a56.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "pygobject2"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.28.7-5.module_el8.10.0+3952+571e801c"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "pygobject2-codegen"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.28.7-5.module_el8.10.0+3952+571e801c"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "pygobject2-devel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.28.7-5.module_el8.10.0+3952+571e801c"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "pygobject2-doc"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.28.7-5.module_el8.10.0+3952+571e801c"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "pygtk2"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.24.0-25.module_el8.9.0+3725+d1441900"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "pygtk2-codegen"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.24.0-25.module_el8.9.0+3725+d1441900"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "pygtk2-devel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.24.0-25.module_el8.9.0+3725+d1441900"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "pygtk2-doc"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.24.0-25.module_el8.9.0+3725+d1441900"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "python2-cairo"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.16.3-7.module_el8.10.0+3952+571e801c"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "python2-cairo-devel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.16.3-7.module_el8.10.0+3952+571e801c"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "details": "The GIMP (GNU Image Manipulation Program) is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo.  \n\nSecurity Fix(es):  \n\n  * gimp: GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability (CVE-2025-10922)\n  * gimp: GIMP ICNS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability (CVE-2025-10920)\n  * gimp: GIMP WBMP File Parsing Integer Overflow Remote Code Execution Vulnerability (CVE-2025-10923)\n  * gimp: GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability (CVE-2025-10921)\n  * gimp: GIMP ILBM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability (CVE-2025-10925)\n  * gimp: GIMP FF File Parsing Integer Overflow Remote Code Execution Vulnerability (CVE-2025-10924)\n  * gimp: GIMP XWD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability (CVE-2025-10934)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n",
  "id": "ALSA-2025:22417",
  "modified": "2025-12-04T13:28:20Z",
  "published": "2025-12-01T00:00:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://access.redhat.com/errata/RHSA-2025:22417"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-10920"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-10921"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-10922"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-10923"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-10924"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-10925"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2025-10934"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2407188"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2407191"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2407192"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2407194"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2407199"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2407200"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2407233"
    },
    {
      "type": "ADVISORY",
      "url": "https://errata.almalinux.org/8/ALSA-2025-22417.html"
    }
  ],
  "related": [
    "CVE-2025-10922",
    "CVE-2025-10920",
    "CVE-2025-10923",
    "CVE-2025-10921",
    "CVE-2025-10925",
    "CVE-2025-10924",
    "CVE-2025-10934"
  ],
  "summary": "Important: gimp:2.8 security update"
}

CVE-2025-10924 (GCVE-0-2025-10924)

Vulnerability from cvelistv5 – Published: 2025-10-29 19:29 – Updated: 2025-10-31 03:55

Title

GIMP FF File Parsing Integer Overflow Remote Code Execution Vulnerability

Summary

GIMP FF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FF files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-27836.

Severity ?

7.8 (High)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-190 - Integer Overflow or Wraparound

Assigner

zdi

References

URL

Tags

	https://www.zerodayinitiative.com/advisories/ZDI-…	x_research-advisory
	https://gitlab.gnome.org/GNOME/gimp/-/merge_reque…	vendor-advisory

Impacted products

	Vendor	Product	Version
	GIMP	GIMP	Affected: 3.0.4

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-10924",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-30T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-31T03:55:15.889Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "GIMP",
          "vendor": "GIMP",
          "versions": [
            {
              "status": "affected",
              "version": "3.0.4"
            }
          ]
        }
      ],
      "dateAssigned": "2025-09-24T15:54:14.120Z",
      "datePublic": "2025-09-24T18:19:41.379Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "GIMP FF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of FF files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-27836."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "CWE-190: Integer Overflow or Wraparound",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-29T19:29:50.398Z",
        "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "shortName": "zdi"
      },
      "references": [
        {
          "name": "ZDI-25-913",
          "tags": [
            "x_research-advisory"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-25-913/"
        },
        {
          "name": "vendor-provided URL",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://gitlab.gnome.org/GNOME/gimp/-/merge_requests/2448"
        }
      ],
      "source": {
        "lang": "en",
        "value": "MICHAEL RANDRIANANTENAINA [https://elkamika.blogspot.com/]"
      },
      "title": "GIMP FF File Parsing Integer Overflow Remote Code Execution Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
    "assignerShortName": "zdi",
    "cveId": "CVE-2025-10924",
    "datePublished": "2025-10-29T19:29:50.398Z",
    "dateReserved": "2025-09-24T15:54:14.070Z",
    "dateUpdated": "2025-10-31T03:55:15.889Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-10934 (GCVE-0-2025-10934)

Vulnerability from cvelistv5 – Published: 2025-10-29 19:58 – Updated: 2026-01-07 17:09

Title

GIMP XWD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

Summary

GIMP XWD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XWD files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-27823.

Severity ?

7.8 (High)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-122 - Heap-based Buffer Overflow

Assigner

zdi

References

URL

Tags

	https://www.zerodayinitiative.com/advisories/ZDI-…	x_research-advisory
	https://gitlab.gnome.org/GNOME/gimp/-/commit/5c3e…	vendor-advisory

Impacted products

	Vendor	Product	Version
	GIMP	GIMP	Affected: 3.0.4

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-10934",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-30T03:56:07.236708Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-07T17:09:49.672Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T00:12:05.168Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/11/msg00005.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "GIMP",
          "vendor": "GIMP",
          "versions": [
            {
              "status": "affected",
              "version": "3.0.4"
            }
          ]
        }
      ],
      "dateAssigned": "2025-09-24T20:52:16.622Z",
      "datePublic": "2025-10-29T19:58:46.674Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "GIMP XWD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of XWD files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-27823."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-122",
              "description": "CWE-122: Heap-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-29T19:58:55.670Z",
        "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "shortName": "zdi"
      },
      "references": [
        {
          "name": "ZDI-25-978",
          "tags": [
            "x_research-advisory"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-25-978/"
        },
        {
          "name": "vendor-provided URL",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://gitlab.gnome.org/GNOME/gimp/-/commit/5c3e2122d53869599d77ef0f1bdece117b24fd7c"
        }
      ],
      "source": {
        "lang": "en",
        "value": "MICHAEL RANDRIANANTENAINA [https://elkamika.blogspot.com/]"
      },
      "title": "GIMP XWD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
    "assignerShortName": "zdi",
    "cveId": "CVE-2025-10934",
    "datePublished": "2025-10-29T19:58:55.670Z",
    "dateReserved": "2025-09-24T20:52:16.567Z",
    "dateUpdated": "2026-01-07T17:09:49.672Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-10921 (GCVE-0-2025-10921)

Vulnerability from cvelistv5 – Published: 2025-10-29 19:29 – Updated: 2026-01-07 17:09

Title

GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

Summary

GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of HDR files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-27803.

Severity ?

7.8 (High)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-122 - Heap-based Buffer Overflow

Assigner

zdi

References

URL

Tags

	https://www.zerodayinitiative.com/advisories/ZDI-…	x_research-advisory
	https://gitlab.gnome.org/GNOME/gegl/-/commit/0e68…	vendor-advisory

Impacted products

	Vendor	Product	Version
	GIMP	GIMP	Affected: 3.0.4

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-10921",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-30T03:56:08.177822Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-07T17:09:49.946Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T17:31:37.440Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00021.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "GIMP",
          "vendor": "GIMP",
          "versions": [
            {
              "status": "affected",
              "version": "3.0.4"
            }
          ]
        }
      ],
      "dateAssigned": "2025-09-24T15:53:45.573Z",
      "datePublic": "2025-09-24T18:19:14.628Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of HDR files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-27803."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-122",
              "description": "CWE-122: Heap-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-29T19:29:39.135Z",
        "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "shortName": "zdi"
      },
      "references": [
        {
          "name": "ZDI-25-910",
          "tags": [
            "x_research-advisory"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-25-910/"
        },
        {
          "name": "vendor-provided URL",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://gitlab.gnome.org/GNOME/gegl/-/commit/0e68b7471dabf2800d780819c19bd5e6462f565f"
        }
      ],
      "source": {
        "lang": "en",
        "value": "MICHAEL RANDRIANANTENAINA [https://elkamika.blogspot.com/]"
      },
      "title": "GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
    "assignerShortName": "zdi",
    "cveId": "CVE-2025-10921",
    "datePublished": "2025-10-29T19:29:39.135Z",
    "dateReserved": "2025-09-24T15:53:45.525Z",
    "dateUpdated": "2026-01-07T17:09:49.946Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-10922 (GCVE-0-2025-10922)

Vulnerability from cvelistv5 – Published: 2025-10-29 19:29 – Updated: 2026-01-07 17:09

Title

GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

Summary

GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DCM files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-27863.

Severity ?

7.8 (High)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-122 - Heap-based Buffer Overflow

Assigner

zdi

References

URL

Tags

	https://www.zerodayinitiative.com/advisories/ZDI-…	x_research-advisory
	https://gitlab.gnome.org/GNOME/gimp/-/commit/3d90…	vendor-advisory

Impacted products

	Vendor	Product	Version
	GIMP	GIMP	Affected: 3.0.4

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-10922",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-30T03:56:09.116197Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-07T17:09:49.812Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T17:31:38.433Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00022.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "GIMP",
          "vendor": "GIMP",
          "versions": [
            {
              "status": "affected",
              "version": "3.0.4"
            }
          ]
        }
      ],
      "dateAssigned": "2025-09-24T15:53:55.614Z",
      "datePublic": "2025-09-24T18:19:23.333Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of DCM files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-27863."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-122",
              "description": "CWE-122: Heap-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-29T19:29:42.905Z",
        "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "shortName": "zdi"
      },
      "references": [
        {
          "name": "ZDI-25-911",
          "tags": [
            "x_research-advisory"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-25-911/"
        },
        {
          "name": "vendor-provided URL",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://gitlab.gnome.org/GNOME/gimp/-/commit/3d909166463731e94dfe62042d76225ecfc4c1e4"
        }
      ],
      "source": {
        "lang": "en",
        "value": "Anonymous"
      },
      "title": "GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
    "assignerShortName": "zdi",
    "cveId": "CVE-2025-10922",
    "datePublished": "2025-10-29T19:29:42.905Z",
    "dateReserved": "2025-09-24T15:53:55.553Z",
    "dateUpdated": "2026-01-07T17:09:49.812Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-10925 (GCVE-0-2025-10925)

Vulnerability from cvelistv5 – Published: 2025-10-29 19:29 – Updated: 2025-10-31 03:55

Title

GIMP ILBM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

Summary

GIMP ILBM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ILBM files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-27793.

Severity ?

7.8 (High)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-121 - Stack-based Buffer Overflow

Assigner

zdi

References

URL

Tags

	https://www.zerodayinitiative.com/advisories/ZDI-…	x_research-advisory
	https://gitlab.gnome.org/GNOME/gimp/-/merge_reque…	vendor-advisory

Impacted products

	Vendor	Product	Version
	GIMP	GIMP	Affected: 3.0.4

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-10925",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-30T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-31T03:55:16.818Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "GIMP",
          "vendor": "GIMP",
          "versions": [
            {
              "status": "affected",
              "version": "3.0.4"
            }
          ]
        }
      ],
      "dateAssigned": "2025-09-24T15:54:26.137Z",
      "datePublic": "2025-09-24T18:19:50.189Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "GIMP ILBM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of ILBM files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-27793."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "CWE-121: Stack-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-29T19:29:54.680Z",
        "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "shortName": "zdi"
      },
      "references": [
        {
          "name": "ZDI-25-914",
          "tags": [
            "x_research-advisory"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-25-914/"
        },
        {
          "name": "vendor-provided URL",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://gitlab.gnome.org/GNOME/gimp/-/merge_requests/2450"
        }
      ],
      "source": {
        "lang": "en",
        "value": "MICHAEL RANDRIANANTENAINA [https://elkamika.blogspot.com/]"
      },
      "title": "GIMP ILBM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
    "assignerShortName": "zdi",
    "cveId": "CVE-2025-10925",
    "datePublished": "2025-10-29T19:29:54.680Z",
    "dateReserved": "2025-09-24T15:54:26.088Z",
    "dateUpdated": "2025-10-31T03:55:16.818Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-10923 (GCVE-0-2025-10923)

Vulnerability from cvelistv5 – Published: 2025-10-29 19:29 – Updated: 2025-10-31 03:55

Title

GIMP WBMP File Parsing Integer Overflow Remote Code Execution Vulnerability

Summary

GIMP WBMP File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of WBMP files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-27878.

Severity ?

7.8 (High)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-190 - Integer Overflow or Wraparound

Assigner

zdi

References

URL

Tags

	https://www.zerodayinitiative.com/advisories/ZDI-…	x_research-advisory
	https://gitlab.gnome.org/GNOME/gimp/-/commit/2d2d…	vendor-advisory

Impacted products

	Vendor	Product	Version
	GIMP	GIMP	Affected: 3.0.4

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-10923",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-30T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-31T03:55:14.539Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "GIMP",
          "vendor": "GIMP",
          "versions": [
            {
              "status": "affected",
              "version": "3.0.4"
            }
          ]
        }
      ],
      "dateAssigned": "2025-09-24T15:54:03.618Z",
      "datePublic": "2025-09-24T18:19:31.683Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "GIMP WBMP File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of WBMP files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-27878."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "CWE-190: Integer Overflow or Wraparound",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-29T19:29:46.493Z",
        "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "shortName": "zdi"
      },
      "references": [
        {
          "name": "ZDI-25-912",
          "tags": [
            "x_research-advisory"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-25-912/"
        },
        {
          "name": "vendor-provided URL",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://gitlab.gnome.org/GNOME/gimp/-/commit/2d2d39f3da1d0b01ca7d71ad2b7a8725ee92ed96"
        }
      ],
      "source": {
        "lang": "en",
        "value": "Anonymous"
      },
      "title": "GIMP WBMP File Parsing Integer Overflow Remote Code Execution Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
    "assignerShortName": "zdi",
    "cveId": "CVE-2025-10923",
    "datePublished": "2025-10-29T19:29:46.493Z",
    "dateReserved": "2025-09-24T15:54:03.542Z",
    "dateUpdated": "2025-10-31T03:55:14.539Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-10920 (GCVE-0-2025-10920)

Vulnerability from cvelistv5 – Published: 2025-10-29 19:29 – Updated: 2026-01-07 17:09

Title

GIMP ICNS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Summary

GIMP ICNS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ICNS files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-27684.

Severity ?

7.8 (High)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-787 - Out-of-bounds Write

Assigner

zdi

References

URL

Tags

	https://www.zerodayinitiative.com/advisories/ZDI-…	x_research-advisory
	https://gitlab.gnome.org/GNOME/gimp/-/merge_reque…	vendor-advisory

Impacted products

	Vendor	Product	Version
	GIMP	GIMP	Affected: 3.0.4

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-10920",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-30T03:56:06.341189Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-07T17:09:50.173Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "GIMP",
          "vendor": "GIMP",
          "versions": [
            {
              "status": "affected",
              "version": "3.0.4"
            }
          ]
        }
      ],
      "dateAssigned": "2025-09-24T15:53:33.847Z",
      "datePublic": "2025-09-24T18:19:03.590Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "GIMP ICNS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of ICNS files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-27684."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787: Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-29T19:29:35.471Z",
        "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "shortName": "zdi"
      },
      "references": [
        {
          "name": "ZDI-25-909",
          "tags": [
            "x_research-advisory"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-25-909/"
        },
        {
          "name": "vendor-provided URL",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://gitlab.gnome.org/GNOME/gimp/-/merge_requests/2443"
        }
      ],
      "source": {
        "lang": "en",
        "value": "MICHAEL RANDRIANANTENAINA [https://elkamika.blogspot.com/]"
      },
      "title": "GIMP ICNS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
    "assignerShortName": "zdi",
    "cveId": "CVE-2025-10920",
    "datePublished": "2025-10-29T19:29:35.471Z",
    "dateReserved": "2025-09-24T15:53:33.759Z",
    "dateUpdated": "2026-01-07T17:09:50.173Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

alsa-2025:22417

Vulnerability from osv_almalinux

CVE-2025-10924 (GCVE-0-2025-10924)

CVE-2025-10934 (GCVE-0-2025-10934)

CVE-2025-10921 (GCVE-0-2025-10921)

CVE-2025-10922 (GCVE-0-2025-10922)

CVE-2025-10925 (GCVE-0-2025-10925)

CVE-2025-10923 (GCVE-0-2025-10923)

CVE-2025-10920 (GCVE-0-2025-10920)

Tags

Sightings

Nomenclature