A flaw was found in GIMP's Paint Shop Pro (PSP) file format parser. This heap buffer overflow vulnerability allows a remote attacker to cause arbitrary code execution or a denial of service (DoS) by tricking a user into opening a specially crafted PSP image file. The vulnerability occurs because the software incorrectly calculates buffer sizes when processing low bit-depth images, leading to an overwrite of adjacent memory.
Metrics
Affected Vendors & Products
References
History
Fri, 03 Jul 2026 18:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A flaw was found in GIMP's Paint Shop Pro (PSP) file format parser. This heap buffer overflow vulnerability allows a remote attacker to cause arbitrary code execution or a denial of service (DoS) by tricking a user into opening a specially crafted PSP image file. The vulnerability occurs because the software incorrectly calculates buffer sizes when processing low bit-depth images, leading to an overwrite of adjacent memory. | |
| Title | Gimp: gimp: heap buffer overflow in read_channel_data() | |
| First Time appeared |
Redhat
Redhat enterprise Linux |
|
| Weaknesses | CWE-122 | |
| CPEs | cpe:/o:redhat:enterprise_linux:6 cpe:/o:redhat:enterprise_linux:7 cpe:/o:redhat:enterprise_linux:8 cpe:/o:redhat:enterprise_linux:9 |
|
| Vendors & Products |
Redhat
Redhat enterprise Linux |
|
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2026-07-03T18:29:22.302Z
Reserved: 2026-06-30T16:54:04.312Z
Link: CVE-2026-58379
No data.
No data.
No data.
OpenCVE Enrichment
No data.