Description
A flaw was found in GIMP. This issue is a heap buffer over-read in GIMP PCX file loader due to an off-by-one error. A remote attacker could exploit this by convincing a user to open a specially crafted PCX image. Successful exploitation could lead to out-of-bounds memory disclosure and a possible application crash, resulting in a Denial of Service (DoS).
Published: 2026-03-26
Score: 6.1 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Memory Disclosure and Denial of Service
Action: Apply Workaround
AI Analysis

Impact

A heap buffer over-read in GIMP's PCX file loader occurs when an off‑by‑one error allows an attacker to craft a PCX image that, when loaded, can expose out‑of‑bounds memory contents and crash the application. The flaw, classified as CWE‑193, can lead to a disclosure of sensitive data and a denial of service, compromising confidentiality and availability but not directly affecting system integrity. Successful exploitation requires that a user opens the malicious file.

Affected Systems

The vulnerability affects GIMP installations on Red Hat Enterprise Linux 6 through 9. Any user who has the gimp package installed on these distributions is potentially susceptible, regardless of the specific GIMP version distributed with the OS.

Risk and Exploitability

With a CVSS v3.1 score of 6.1, the severity is moderate. The EPSS score is not available and the flaw is not listed in the CISA KEV catalog. The attack requires social engineering; an adversary must convince a user to open a malicious PCX image. Because the flaw is only exploitable through such user interaction and does not involve a direct remote code execution vector, the overall likelihood of exploitation in uncontrolled environments is lower, though not negligible.

Generated by OpenCVE AI on March 26, 2026 at 15:13 UTC.

Remediation

Vendor Workaround

Users should avoid opening untrusted PCX image files with GIMP. If GIMP is not required, consider removing the `gimp` package to eliminate this attack vector.

OpenCVE Recommended Actions

  • Avoid opening untrusted PCX files with GIMP.
  • If GIMP is unnecessary, uninstall the gimp package to remove the attack surface.
  • Monitor Red Hat advisories for a patch and apply any official update when released.
  • Maintain system packages at their latest supported versions to reduce exposure.

Generated by OpenCVE AI on March 26, 2026 at 15:13 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 27 Mar 2026 08:45:00 +0000

Type Values Removed Values Added
First Time appeared Gnome
Gnome gimp
Vendors & Products Gnome
Gnome gimp

Fri, 27 Mar 2026 04:00:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity

None

 threat_severity

Moderate

Thu, 26 Mar 2026 13:15:00 +0000

Type Values Removed Values Added
Description A flaw was found in GIMP. This issue is a heap buffer over-read in GIMP’s PCX file loader due to an off-by-one error. A remote attacker could exploit this by convincing a user to open a specially crafted PCX image. Successful exploitation could lead to out-of-bounds memory disclosure and a possible application crash, resulting in a Denial of Service (DoS). A flaw was found in GIMP. This issue is a heap buffer over-read in GIMP PCX file loader due to an off-by-one error. A remote attacker could exploit this by convincing a user to open a specially crafted PCX image. Successful exploitation could lead to out-of-bounds memory disclosure and a possible application crash, resulting in a Denial of Service (DoS).
Title Gimp: gimp: memory disclosure and denial of service via specially crafted pcx image Gimp: gimp:memory disclosure and denial of service via specially crafted pcx image
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 26 Mar 2026 12:30:00 +0000

Type Values Removed Values Added
Description A flaw was found in GIMP. This issue is a heap buffer over-read in GIMP’s PCX file loader due to an off-by-one error. A remote attacker could exploit this by convincing a user to open a specially crafted PCX image. Successful exploitation could lead to out-of-bounds memory disclosure and a possible application crash, resulting in a Denial of Service (DoS).
Title Gimp: gimp: memory disclosure and denial of service via specially crafted pcx image
First Time appeared Redhat
Redhat enterprise Linux
Weaknesses CWE-193
CPEs cpe:/o:redhat:enterprise_linux:6
cpe:/o:redhat:enterprise_linux:7
cpe:/o:redhat:enterprise_linux:8
cpe:/o:redhat:enterprise_linux:9
Vendors & Products Redhat
Redhat enterprise Linux
References
Metrics cvssV3_1

{'score': 6.1, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H'}

Subscriptions

Gnome Gimp
Redhat Enterprise Linux
cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2026-03-30T19:23:17.238Z

Reserved: 2026-03-26T11:33:19.455Z

Link: CVE-2026-4887

cve-icon Vulnrichment

Updated: 2026-03-26T12:58:42.644Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-03-26T13:16:30.780

Modified: 2026-03-26T15:13:15.790

Link: CVE-2026-4887

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-03-26T11:35:00Z

Links: CVE-2026-4887 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-03-27T09:28:41Z

Weaknesses