Description
A flaw was found in GIMP's PSP (Paint Shop Pro) file parser. A remote attacker could exploit an integer overflow vulnerability in the read_creator_block() function by providing a specially crafted PSP image file. This vulnerability occurs when a 32-bit length value from the file is used for memory allocation without proper validation, leading to a heap overflow and an out-of-bounds write. Successful exploitation could result in an application level denial of service.
Published: 2026-03-26
Score: 3.3 Low
EPSS: < 1% Very Low
KEV: No
Impact: Application level denial of service
Action: Patch
AI Analysis

Impact

An integer overflow in GIMP's PSP (Paint Shop Pro) file parser, in the read_creator_block() function, lets a 32-bit length value read from the file flow into a memory allocation without validation. The resulting allocation is smaller than the data the parser then writes into it, giving a heap overflow and an out-of-bounds write. An attacker who gets a victim to open a specially crafted PSP image in GIMP can crash the application. The CVSS vector (AV:L/UI:R) reflects that the file has to be opened by a local user; "remote" in the description refers only to where the file comes from (a download, a mail attachment, a shared folder). Red Hat scores confidentiality and integrity impact as none, but an out-of-bounds heap write is a memory-safety defect, so the denial-of-service rating is the vendor's assessment of impact, not a property of the bug class.
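The following C is an added illustration of the pattern the description names, a 32-bit length taken from the file and fed into allocation arithmetic without a check. It is not GIMP's code and not a reproduction of read_creator_block(); the field layout (4-byte little-endian length followed by that many bytes of string), the function names and the sample bytes are assumptions. The vulnerable variant reports the sizes it would pass to the allocator and the copy instead of performing the overflowing copy, so it can be run without corrupting the heap; the hardened variant shows the two checks that close the hole.

```c
#include <assert.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Parse outcomes. */
enum { PARSE_OK = 0, PARSE_ERR_TRUNCATED = 1, PARSE_ERR_BAD_LENGTH = 2, PARSE_ERR_OOM = 3 };

typedef struct {
    uint32_t len;        /* length field exactly as read from the file */
    uint32_t alloc_size; /* bytes the code hands to the allocator */
    size_t   copy_len;   /* bytes the copy would write into that allocation */
    char    *data;       /* hardened path only: NUL-terminated copy, caller frees */
} field_result;

/* Little-endian 32-bit read (PSP is a little-endian format). */
static uint32_t rd_u32le(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) | ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Vulnerable pattern (assumed layout: 4-byte length, then that many bytes of string).
 * The +1 for the NUL terminator is computed in 32-bit arithmetic, so a length of
 * 0xFFFFFFFF wraps the allocation size to 0 while the copy still uses the full length.
 * This version only reports the sizes; the real copy would be the heap overflow. */
int parse_string_field_vulnerable(const uint8_t *buf, size_t buf_len, field_result *out)
{
    if (buf_len < 4)
        return PARSE_ERR_TRUNCATED;
    uint32_t len = rd_u32le(buf);
    uint32_t alloc = len + 1;              /* CWE-190: wraps to 0 when len == UINT32_MAX */
    out->len = len;
    out->alloc_size = alloc;
    out->copy_len = len;                   /* real code: memcpy(malloc(alloc), buf + 4, len) */
    out->data = NULL;
    return PARSE_OK;
}

/* Hardened pattern: bound the length by what is actually left in the input and make
 * sure the terminator arithmetic cannot wrap before any allocation happens. */
int parse_string_field_hardened(const uint8_t *buf, size_t buf_len, field_result *out)
{
    if (buf_len < 4)
        return PARSE_ERR_TRUNCATED;
    uint32_t len = rd_u32le(buf);
    if (len == UINT32_MAX)                 /* len + 1 would wrap in 32 bits */
        return PARSE_ERR_BAD_LENGTH;
    if ((size_t)len > buf_len - 4)         /* field claims more bytes than the file holds */
        return PARSE_ERR_TRUNCATED;
    char *s = malloc((size_t)len + 1);     /* size_t arithmetic, already bounded above */
    if (!s)
        return PARSE_ERR_OOM;
    memcpy(s, buf + 4, len);
    s[len] = '\0';
    out->len = len;
    out->alloc_size = len + 1;
    out->copy_len = len;
    out->data = s;
    return PARSE_OK;
}

/* Constructed sample inputs (not taken from any real PSP file). */
const uint8_t sample_benign[8]    = { 0x04, 0x00, 0x00, 0x00, 'G', 'I', 'M', 'P' };
const uint8_t sample_wrap[8]      = { 0xFF, 0xFF, 0xFF, 0xFF, 'X', 'X', 'X', 'X' }; /* len + 1 wraps to 0 */
const uint8_t sample_oversized[8] = { 0x00, 0x00, 0x00, 0x10, 'X', 'X', 'X', 'X' }; /* claims 256 MiB, has 4 bytes */

int main(void)
{
    field_result r;
    parse_string_field_vulnerable(sample_wrap, sizeof sample_wrap, &r);
    printf("vulnerable: len=%u alloc=%u copy=%zu -> heap overflow\n", r.len, r.alloc_size, r.copy_len);
    printf("hardened on wrap:      rc=%d\n", parse_string_field_hardened(sample_wrap, sizeof sample_wrap, &r));
    printf("hardened on oversized: rc=%d\n", parse_string_field_hardened(sample_oversized, sizeof sample_oversized, &r));
    if (parse_string_field_hardened(sample_benign, sizeof sample_benign, &r) == PARSE_OK) {
        printf("hardened on benign:    \"%s\"\n", r.data);
        free(r.data);
    }
    return 0;
}
```

The second check in the hardened variant (length against remaining input) is the one that matters most in practice: even a length that does not wrap, such as the 256 MiB claim in sample_oversized, makes the vulnerable pattern read far past the file buffer and write the result into the heap.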

Affected Systems

The CPE data on this page lists Red Hat Enterprise Linux 6 through 9, so any of those releases with the affected gimp package is impacted. The flaw is in upstream GIMP's PSP loader rather than in Red Hat's packaging: Debian has also published DLA-4483-1 and DSA-6139-1 for it, and other distributions that ship the PSP plug-in should be treated as affected until their own advisories say otherwise.

Risk and Exploitability

The CVSS v3.1 score is 3.3 (Low; vector AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L), EPSS is below 1 percent, and the CVE is not in the CISA KEV catalog; the SSVC assessment records Exploitation: none and Automatable: no. Red Hat nonetheless rates the issue Moderate. Exploitation requires a crafted PSP file and a user who opens it in GIMP, so the realistic attack path is social engineering: a malicious image sent or shared with someone who edits images. The low score, the absence of known exploitation and the user-interaction requirement keep overall risk low, but patching is still recommended because parsers for untrusted image files are a routine target.

Generated by OpenCVE AI on April 16, 2026 at 02:42 UTC.

Remediation

Vendor Workaround

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.


OpenCVE Recommended Actions

  • Apply the latest Red Hat security update that includes the GIMP patch for the integer overflow bug (on Debian, DLA-4483-1 or DSA-6139-1).
  • If the update is not yet available, disable GIMP’s PSP file support by removing the file-psp plug-in from GIMP’s plug-in directory (under lib*/gimp/2.0/plug-ins on GIMP 2.x); GIMP will then refuse to open PSP files at all. This is a stopgap, not a fix, and should be reverted once the patched package is installed.
  • Filesystem permissions offer little protection here: the CVSS vector (UI:R) means a user opens the file, and the file usually arrives by download, mail or a shared folder rather than being planted on the local disk. Until the update is in place, tell users who work with images not to open PSP files from untrusted sources.

Generated by OpenCVE AI on April 16, 2026 at 02:42 UTC.


Advisories
Source      ID          Title
Debian DLA  DLA-4483-1  gimp security update
Debian DSA  DSA-6139-1  gimp security update
History

Fri, 27 Mar 2026 20:15:00 +0000

Type: Metrics
  Added: ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 26 Mar 2026 21:30:00 +0000

Type Values Removed Values Added
References

Thu, 26 Mar 2026 20:30:00 +0000

Type: Description
  Removed: No description is available for this CVE.
  Added:   A flaw was found in GIMP's PSP (Paint Shop Pro) file parser. (Full text as in the Description at the top of this page.)
Type: Title
  Removed: gimp: GIMP: Denial of service via crafted PSP image file
  Added:   Gimp: gimp: denial of service via crafted psp image file
Type: First Time appeared
  Added:   Redhat; Redhat enterprise Linux
Type: CPEs
  Added:   cpe:/o:redhat:enterprise_linux:6
           cpe:/o:redhat:enterprise_linux:7
           cpe:/o:redhat:enterprise_linux:8
           cpe:/o:redhat:enterprise_linux:9
Type: Vendors & Products
  Added:   Redhat; Redhat enterprise Linux
Type: References

Thu, 12 Feb 2026 11:30:00 +0000

Type: First Time appeared
  Added: Gimp; Gimp gimp
Type: Vendors & Products
  Added: Gimp; Gimp gimp

Wed, 11 Feb 2026 00:15:00 +0000

Type: Description
  Added: No description is available for this CVE.
Type: Title
  Added: gimp: GIMP: Denial of service via crafted PSP image file
Type: Weaknesses
  Added: CWE-190
Type: References
Type: Metrics
  Removed: threat_severity: None
  Added:   cvssV3_1: {'score': 3.3, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L'}
           threat_severity: Moderate


MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2026-03-27T20:01:56.045Z

Reserved: 2026-02-10T09:32:16.763Z

Link: CVE-2026-2271

Vulnrichment

Updated: 2026-03-27T19:52:40.540Z

NVD

Status : Awaiting Analysis

Published: 2026-03-26T21:17:04.713

Modified: 2026-03-30T13:26:50.827

Link: CVE-2026-2271

Redhat

Severity : Moderate

Public Date: 2026-02-10T09:09:00Z

Links: CVE-2026-2271 - Bugzilla

OpenCVE Enrichment

Updated: 2026-04-16T02:45:06Z

Weaknesses