CVE-2026-4887

Summary

A flaw was found in GIMP. This issue is a heap buffer over-read in GIMP PCX file loader due to an off-by-one error. A remote attacker could exploit this by convincing a user to open a specially crafted PCX image. Successful exploitation could lead to out-of-bounds memory disclosure and a possible application crash, resulting in a Denial of Service (DoS).

Affected Software

VendorProductVersion RangeStatus
Red HatRed Hat Enterprise Linux 7 Extended Lifecycle Support2:2.8.22-1.el7_9.6 < *unaffected
Red HatRed Hat Enterprise Linux 88100020260512115927.4c9c024f < *unaffected
Red HatRed Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support8040020260520140422.70584597 < *unaffected
Red HatRed Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On8040020260520140422.70584597 < *unaffected
Red HatRed Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support8060020260520140100.6af1eaf0 < *unaffected
Red HatRed Hat Enterprise Linux 8.6 Telecommunications Update Service8060020260520140100.6af1eaf0 < *unaffected
Red HatRed Hat Enterprise Linux 8.6 Update Services for SAP Solutions8060020260520140100.6af1eaf0 < *unaffected
Red HatRed Hat Enterprise Linux 8.8 Telecommunications Update Service8080020260520102644.0621e4ee < *unaffected
Red HatRed Hat Enterprise Linux 8.8 Update Services for SAP Solutions8080020260520102644.0621e4ee < *unaffected
Red HatRed Hat Enterprise Linux 92:3.0.4-1.el9_7.5 < *unaffected
Red HatRed Hat Enterprise Linux 92:3.0.4-4.el9_8.4 < *unaffected
Red HatRed Hat Enterprise Linux 9.0 Update Services for SAP Solutions2:2.99.8-3.el9_0.6 < *unaffected
Red HatRed Hat Enterprise Linux 9.2 Update Services for SAP Solutions2:2.99.8-4.el9_2.6 < *unaffected
Red HatRed Hat Enterprise Linux 9.4 Update Services for SAP Solutions2:2.99.8-4.el9_4.6 < *unaffected
Red HatRed Hat Enterprise Linux 9.6 Extended Update Support2:2.99.8-4.el9_6.7 < *unaffected

Weaknesses

  • CWE-193: Off-by-one Error

Workarounds

Users should avoid opening untrusted PCX image files with GIMP. If GIMP is not required, consider removing the gimp package to eliminate this attack vector.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References