{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-14423", "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "state": "PUBLISHED", "assignerShortName": "zdi", "dateReserved": "2025-12-10T01:42:17.271Z", "datePublished": "2025-12-23T21:31:23.374Z", "dateUpdated": "2025-12-23T21:31:23.374Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi", "dateUpdated": "2025-12-23T21:31:23.374Z"}, "title": "GIMP LBM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability", "descriptions": [{"lang": "en", "value": "GIMP LBM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of LBM files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28311."}], "affected": [{"vendor": "GIMP", "product": "GIMP", "versions": [{"version": "3.0.6", "status": "affected"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-121", "description": "CWE-121: Stack-based Buffer Overflow", "type": "CWE"}]}], "references": [{"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-1137/", "name": "ZDI-25-1137", "tags": ["x_research-advisory"]}, {"url": "https://gitlab.gnome.org/GNOME/gimp/-/commit/481cdbbb97746be1145ec3a633c567a68633c521", "name": "vendor-provided URL", "tags": ["vendor-advisory"]}], "dateAssigned": "2025-12-10T01:42:17.294Z", "datePublic": "2025-12-17T20:21:15.204Z", "source": {"lang": "en", "value": "Anonymous"}, "metrics": [{"format": "CVSS", "cvssV3_0": {"version": "3.0", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "baseScore": 7.8, "baseSeverity": "HIGH"}}]}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "GIMP LBM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of LBM files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28311."}], "id": "CVE-2025-14423", "lastModified": "2025-12-23T22:15:49.420", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "zdi-disclosures@trendmicro.com", "type": "Secondary"}]}, "published": "2025-12-23T22:15:49.420", "references": [{"source": "zdi-disclosures@trendmicro.com", "url": "https://gitlab.gnome.org/GNOME/gimp/-/commit/481cdbbb97746be1145ec3a633c567a68633c521"}, {"source": "zdi-disclosures@trendmicro.com", "url": "https://www.zerodayinitiative.com/advisories/ZDI-25-1137/"}], "sourceIdentifier": "zdi-disclosures@trendmicro.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-121"}], "source": "zdi-disclosures@trendmicro.com", "type": "Primary"}]}

{"bugzilla": {"description": "gimp: GIMP: Remote Code Execution via stack-based buffer overflow in LBM file parsing", "id": "2424782", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2424782"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.8", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "status": "draft"}, "cwe": "CWE-121", "details": ["A flaw was found in GIMP. This stack-based buffer overflow vulnerability occurs during the parsing of LBM files due to insufficient validation of user-supplied data length. A remote attacker can exploit this by tricking a user into opening a specially crafted malicious LBM file. Successful exploitation could lead to arbitrary code execution in the context of the current process."], "mitigation": {"lang": "en:us", "value": "To mitigate this vulnerability, users should avoid opening untrusted LBM files with GIMP. If GIMP is not essential for system operation, consider removing the `gimp` package to eliminate the attack surface. This can be done using the system's package manager. For example, on Red Hat Enterprise Linux, use `sudo yum remove gimp` or `sudo dnf remove gimp`."}, "name": "CVE-2025-14423", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "gimp", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Affected", "package_name": "gimp", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "gimp:2.8/gimp", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "gimp", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-12-23T21:31:23Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-14423\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-14423\nhttps://gitlab.gnome.org/GNOME/gimp/-/commit/481cdbbb97746be1145ec3a633c567a68633c521\nhttps://www.zerodayinitiative.com/advisories/ZDI-25-1137/"], "statement": "This vulnerability is rated Important for Red Hat products as it allows for remote code execution in GIMP. Exploitation requires user interaction, specifically tricking a user into opening a specially crafted malicious LBM file.", "threat_severity": "Important"}

{"created": "2025-12-24T11:51:21.437039+00:00", "updated": "2025-12-24T11:51:21.437089+00:00", "vendors": ["gimp", "gimp$PRODUCT$gimp"]}