Description
A flaw was found in GIMP. This vulnerability, a heap buffer over-read in the `icns_slurp()` function, occurs when processing specially crafted ICNS image files. An attacker could provide a malicious ICNS file, potentially leading to application crashes or information disclosure on systems that process such files.
Published: 2026-04-15
Score: 5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Information Disclosure
Action: Assess Impact
AI Analysis

Impact

A heap buffer over‑read has been discovered in GIMP’s icns_slurp() function when it parses specially crafted ICNS files. This flaw, classified as CWE‑125, can cause the application to read beyond the bounds of its input buffer, potentially leading to a crash or the leakage of memory contents. The disclosed memory data may contain sensitive information that was present on the system at the time of processing the file. The vulnerability therefore primarily enables information disclosure, and secondarily application instability.

Affected Systems

The defect exists in GIMP packages shipped with Red Hat Enterprise Linux 6, 7, 8, and 9. No specific GIMP version numbers are provided in the record, implying that any installation of GIMP on those distributions is potentially vulnerable unless a patched build is deployed. Users running older or unsupported operating systems that still employ GIMP may also be at risk, but this has not been explicitly documented.

Risk and Exploitability

The CVSS score of 5 indicates a medium severity issue. The likely attack vector is local or remote file input: an attacker must supply a malicious ICNS file that GIMP subsequently opens. As the EPSS score is not available and the vulnerability is not listed in CISA’s KEV catalog, there is no evidence of widespread exploitation at present. However, the potential for sensitive data leakage warrants monitoring, especially in environments where untrusted image files are processed.

Generated by OpenCVE AI on April 16, 2026 at 09:09 UTC.

Remediation

Vendor Workaround

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.


OpenCVE Recommended Actions

  • No approved workaround is available; apply the vendor patch once it is released.
  • Avoid opening untrusted or unknown ICNS files in GIMP until a vendor fix is available.
  • Run GIMP within a confined environment such as AppArmor, SELinux, or a container to limit the impact of a buffer over‑read.

Generated by OpenCVE AI on April 16, 2026 at 09:09 UTC.


Advisories

No advisories yet.

History

Thu, 16 Apr 2026 09:30:00 +0000

Type                 Values Removed   Values Added
First Time appeared  -                Gimp; Gimp gimp
Vendors & Products   -                Gimp; Gimp gimp

Thu, 16 Apr 2026 00:15:00 +0000

Type                 Values Removed          Values Added
References           -                       -
Metrics              threat_severity: None   threat_severity: Moderate


Wed, 15 Apr 2026 20:15:00 +0000

Type      Values Removed   Values Added
Metrics   -                ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 15 Apr 2026 19:30:00 +0000

Type                 Values Removed   Values Added
Description          -                A flaw was found in GIMP. This vulnerability, a heap buffer over-read in the `icns_slurp()` function, occurs when processing specially crafted ICNS image files. An attacker could provide a malicious ICNS file, potentially leading to application crashes or information disclosure on systems that process such files.
Title                -                Gimp: gimp: application crashes or information disclosure via crafted icns image files
First Time appeared  -                Redhat; Redhat enterprise Linux
Weaknesses           -                CWE-125
CPEs                 -                cpe:/o:redhat:enterprise_linux:6; cpe:/o:redhat:enterprise_linux:7; cpe:/o:redhat:enterprise_linux:8; cpe:/o:redhat:enterprise_linux:9
Vendors & Products   -                Redhat; Redhat enterprise Linux
References           -                -
Metrics              -                cvssV3_1: {'score': 5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H'}


MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2026-04-15T19:27:21.721Z

Reserved: 2026-04-15T18:38:30.106Z

Link: CVE-2026-40917

Vulnrichment

Updated: 2026-04-15T19:27:13.687Z

NVD

Status: Awaiting Analysis

Published: 2026-04-15T20:16:37.080

Modified: 2026-04-17T15:08:01.337

Link: CVE-2026-40917

Redhat

Severity: Moderate

Public Date: 2026-04-15T18:41:42Z

Links: CVE-2026-40917 - Bugzilla

OpenCVE Enrichment

Updated: 2026-04-16T09:15:30Z

Weaknesses