Description
A flaw was found in GIMP. Processing a specially crafted PVR image file with large dimensions can lead to a denial of service (DoS). This occurs due to a stack-based buffer overflow and an out-of-bounds read in the PVR image loader, causing the application to crash. Systems that process untrusted PVR image files are affected.
Published: 2026-04-15
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service
Action: Apply Workaround
AI Analysis

Impact

A flaw in the GIMP image editor allows a specially crafted PVR image file with large dimensions to trigger a stack-based buffer overflow and an out-of-bounds read in the PVR loader when the file is processed. The overflow causes the application to crash, resulting in a denial of service. The vulnerability does not provide a path to execute arbitrary code or to compromise data confidentiality or integrity; the primary impact is loss of availability for the application instance that loaded the file.

Affected Systems

The vulnerability affects users of GIMP running on Red Hat Enterprise Linux 6, 7, 8, and 9. Any installation that processes untrusted PVR image files is at risk, regardless of the host operating system version.

Risk and Exploitability

The CVSS base score of 5.5 indicates moderate severity; no EPSS data is available and the vulnerability is not listed in the CISA KEV catalog. To exploit the flaw an attacker must supply a malicious PVR file to the GIMP process, typically by sending the file to a user who opens it. The attack vector is inferred as local or remote via application input. No exploitation for privilege escalation, lateral movement, or data breach is known.

Generated by OpenCVE AI on April 15, 2026 at 22:08 UTC.

Remediation

Vendor Workaround

To reduce the risk associated with this vulnerability, avoid processing untrusted PVR image files. Users should exercise caution when opening PVR files from unknown or suspicious sources. If the PVR image loader is part of an application that processes untrusted content, consider running that application in a sandboxed environment to limit potential impact.


OpenCVE Recommended Actions

  • Avoid opening PVR files from untrusted or unknown sources.
  • If a PVR file must be processed, run the GIMP application in a sandboxed environment such as a container or an application sandbox to limit the impact of a crash.
  • When a vendor patch or updated GIMP version that rectifies the buffer size calculation becomes available, install it to eliminate the vulnerability.


Advisories

No advisories yet.

History

Fri, 17 Apr 2026 22:15:00 +0000

Type | Values Removed | Values Added
Metrics ssvc | | {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 16 Apr 2026 09:30:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Gimp; Gimp gimp
Vendors & Products | | Gimp; Gimp gimp

Thu, 16 Apr 2026 00:15:00 +0000

Type | Values Removed | Values Added
References | |
Metrics threat_severity | None | Moderate


Wed, 15 Apr 2026 19:30:00 +0000

Type | Values Removed | Values Added
Description | | A flaw was found in GIMP. Processing a specially crafted PVR image file with large dimensions can lead to a denial of service (DoS). This occurs due to a stack-based buffer overflow and an out-of-bounds read in the PVR image loader, causing the application to crash. Systems that process untrusted PVR image files are affected.
Title | | Gimp: gimp: denial of service via crafted pvr image file
First Time appeared | | Redhat; Redhat enterprise Linux
Weaknesses | | CWE-131
CPEs | | cpe:/o:redhat:enterprise_linux:6; cpe:/o:redhat:enterprise_linux:7; cpe:/o:redhat:enterprise_linux:8; cpe:/o:redhat:enterprise_linux:9
Vendors & Products | | Redhat; Redhat enterprise Linux
References | |
Metrics cvssV3_1 | | {'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H'}


MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2026-04-16T14:13:39.099Z

Reserved: 2026-04-15T18:38:30.106Z

Link: CVE-2026-40918

Vulnrichment

Updated: 2026-04-16T14:13:34.529Z

NVD

Status: Awaiting Analysis

Published: 2026-04-15T20:16:37.260

Modified: 2026-04-17T15:08:01.337

Link: CVE-2026-40918

Red Hat

Severity: Moderate

Public Date: 2026-04-15T18:41:40Z

Links: CVE-2026-40918 - Bugzilla

OpenCVE Enrichment

Updated: 2026-04-16T09:12:17Z

Weaknesses