Description
A flaw was found in GIMP. A stack buffer overflow vulnerability in the TIM image loader's 4BPP decoding path allows a local user to cause a Denial of Service (DoS). By opening a specially crafted TIM image file, the application crashes due to an unconditional overflow when writing to a variable-length array.
Published: 2026-04-15
Score: 5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service
Action: Apply Workaround
AI Analysis

Impact

A stack buffer overflow in GIMP’s TIM image loader allows a local user to cause the application to crash by opening a specially crafted TIM file. The overflow occurs during 4BPP decoding when writing to a variable‑length array, resulting in a denial of service. No direct compromise of confidentiality or integrity is described; the primary impact is to availability of the GIMP process.

Affected Systems

The vulnerability is present in the GIMP package delivered with Red Hat Enterprise Linux 6, 7, 8, and 9. Any system running one of these distributions that installs GIMP and can be used by a local user is potentially affected.

Risk and Exploitability

The CVSS score of 5 indicates moderate severity. Exploitation requires local access to a user account that can launch GIMP; there is no network‑based entry point. EPSS is not available, and the vulnerability is not listed in the CISA KEV catalog, suggesting that widespread active exploitation is not currently demonstrated. The risk level, therefore, is moderate, contingent upon an attacker’s ability to introduce a malicious TIM file locally.

Generated by OpenCVE AI on April 15, 2026 at 22:09 UTC.

Remediation

Vendor Workaround

To mitigate this issue, users should avoid opening untrusted TIM image files with GIMP. As a general security practice, users should exercise caution when handling files from unknown or suspicious sources.

OpenCVE Recommended Actions

  • Avoid opening TIM image files from untrusted or unknown sources in GIMP.
  • Keep GIMP and the host operating system up to date by regularly checking Red Hat security advisories and applying any released patches.
  • If handling TIM files is frequent, disable or uninstall the TIM image loader plugin in GIMP to remove the vulnerable code path.

Advisories

No advisories yet.

History

Thu, 16 Apr 2026 09:30:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Gimp; Gimp gimp
Vendors & Products | | Gimp; Gimp gimp

Thu, 16 Apr 2026 00:15:00 +0000

Type | Values Removed | Values Added
References | |
Metrics | threat_severity: None | threat_severity: Moderate

Wed, 15 Apr 2026 21:15:00 +0000

Type | Values Removed | Values Added
Metrics | | ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 15 Apr 2026 19:30:00 +0000

Type | Values Removed | Values Added
Description | | A flaw was found in GIMP. A stack buffer overflow vulnerability in the TIM image loader's 4BPP decoding path allows a local user to cause a Denial of Service (DoS). By opening a specially crafted TIM image file, the application crashes due to an unconditional overflow when writing to a variable-length array.
Title | | Gimp: gimp: denial of service due to stack buffer overflow in tim image loader
First Time appeared | | Redhat; Redhat enterprise Linux
Weaknesses | | CWE-787
CPEs | | cpe:/o:redhat:enterprise_linux:6; cpe:/o:redhat:enterprise_linux:7; cpe:/o:redhat:enterprise_linux:8; cpe:/o:redhat:enterprise_linux:9
Vendors & Products | | Redhat; Redhat enterprise Linux
References | |
Metrics | | cvssV3_1: {'score': 5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H'}

MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2026-04-15T19:59:03.461Z

Reserved: 2026-04-15T18:38:30.106Z

Link: CVE-2026-40916

Vulnrichment

Updated: 2026-04-15T19:58:59.272Z

NVD

Status : Awaiting Analysis

Published: 2026-04-15T20:16:36.900

Modified: 2026-04-17T15:08:01.337

Link: CVE-2026-40916

Redhat

Severity : Moderate

Public Date: 2026-04-15T18:41:43Z

Links: CVE-2026-40916 - Bugzilla

OpenCVE Enrichment

Updated: 2026-04-16T09:12:19Z

Weaknesses