CVE-2026-4887
6.1
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H
Summary
A flaw was found in GIMP. This issue is a heap buffer over-read in GIMP PCX file loader due to an off-by-one error. A remote attacker could exploit this by convincing a user to open a specially crafted PCX image. Successful exploitation could lead to out-of-bounds memory disclosure and a possible application crash, resulting in a Denial of Service (DoS).
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Red Hat | Red Hat Enterprise Linux 7 Extended Lifecycle Support | 2:2.8.22-1.el7_9.6 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8 | 8100020260512115927.4c9c024f < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | 8040020260520140422.70584597 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On | 8040020260520140422.70584597 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support | 8060020260520140100.6af1eaf0 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.6 Telecommunications Update Service | 8060020260520140100.6af1eaf0 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions | 8060020260520140100.6af1eaf0 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.8 Telecommunications Update Service | 8080020260520102644.0621e4ee < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions | 8080020260520102644.0621e4ee < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 9 | 2:3.0.4-1.el9_7.5 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 9 | 2:3.0.4-4.el9_8.4 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions | 2:2.99.8-3.el9_0.6 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions | 2:2.99.8-4.el9_2.6 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions | 2:2.99.8-4.el9_4.6 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 9.6 Extended Update Support | 2:2.99.8-4.el9_6.7 < * | unaffected |
Weaknesses
- CWE-193: Off-by-one Error
Workarounds
Users should avoid opening untrusted PCX image files with GIMP. If GIMP is not required, consider removing the gimp package to eliminate this attack vector.
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://access.redhat.com/errata/RHSA-2026:16484
- https://access.redhat.com/errata/RHSA-2026:17533
- https://access.redhat.com/errata/RHSA-2026:19362
- https://access.redhat.com/errata/RHSA-2026:20552
- https://access.redhat.com/errata/RHSA-2026:20553
- https://access.redhat.com/errata/RHSA-2026:20554
- https://access.redhat.com/errata/RHSA-2026:20691
- https://access.redhat.com/errata/RHSA-2026:25899
- https://access.redhat.com/errata/RHSA-2026:25901
- https://access.redhat.com/errata/RHSA-2026:25907
- https://access.redhat.com/errata/RHSA-2026:26168
- https://access.redhat.com/security/cve/CVE-2026-4887
- https://bugzilla.redhat.com/show_bug.cgi?id=2451669
- https://gitlab.gnome.org/GNOME/gimp/-/issues/15960
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.