CVE-2026-4887
Heap Buffer Over-read in GIMP PCX Loader Causes DoS
Publication date: 2026-03-26
Last updated on: 2026-05-26
Assigner: Red Hat, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| gimp | gimp | 3.2.0 |
| gimp | gimp | 3.2.0 |
| gimp | gimp | 3.2.0 |
| gimp | gimp | to 3.2.0 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-193 | A product calculates or uses an incorrect maximum or minimum value that is 1 more, or 1 less, than the correct value. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a flaw in GIMP's PCX file loader caused by an off-by-one error in the bytesperline validation logic. It results in a heap buffer over-read, meaning GIMP reads beyond the allocated memory buffer when opening a specially crafted PCX image.
An attacker can exploit this by convincing a user to open a malicious PCX file, which can cause GIMP to disclose out-of-bounds memory and potentially crash the application.
How can this vulnerability impact me? :
Exploitation of this vulnerability can lead to out-of-bounds memory disclosure, which may expose sensitive information from the application's memory.
Additionally, it can cause the application to crash, resulting in a Denial of Service (DoS) condition.
However, exploitation requires user interaction, specifically opening a maliciously crafted PCX file.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability occurs when a user opens a specially crafted PCX image in GIMP, leading to a heap buffer over-read. Detection involves identifying attempts to open or process malicious PCX files with GIMP.
Since exploitation requires user interaction, monitoring for suspicious PCX files or unusual GIMP crashes can help detect potential exploitation.
No specific detection commands or network signatures are provided in the available information.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, avoid opening PCX image files from untrusted or unknown sources in GIMP.
Apply any available patches or updates to GIMP that address this off-by-one error in the PCX file loader as soon as they are released.
Consider restricting user permissions or using application sandboxing to limit the impact of a potential exploit.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability in GIMP's PCX file loader could potentially lead to out-of-bounds memory disclosure if exploited. Such memory disclosure might expose sensitive information processed by the application, which could impact compliance with data protection regulations like GDPR or HIPAA that require safeguarding personal or sensitive data.
However, exploitation requires user interaction and involves opening a specially crafted PCX file, which limits the risk to some extent. There is no direct information indicating that this vulnerability specifically compromises regulated data or leads to a breach of compliance standards.
Therefore, while the vulnerability could pose a risk to data confidentiality and availability, its impact on compliance with standards such as GDPR or HIPAA depends on the context in which GIMP is used and the nature of the data handled.