CVE-2026-5201
Modified Modified - Updated After Analysis
Heap-Based Buffer Overflow in gdk-pixbuf JPEG Loader Causes DoS

Publication date: 2026-03-31

Last updated on: 2026-06-10

Assigner: Red Hat, Inc.

Description
A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due to improper validation of color component counts when processing a specially crafted JPEG image. A remote attacker can exploit this flaw without user interaction, for example, via thumbnail generation. Successful exploitation leads to application crashes and denial of service (DoS) conditions.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-31
Last Modified
2026-06-10
Generated
2026-06-16
AI Q&A
2026-03-31
EPSS Evaluated
2026-06-14
NVD
CVE-2026-5201
EUVD
EUVD-2026-17343
Affected Vendors & Products
Showing 8 associated CPEs
Vendor Product Version / Range
redhat enterprise_linux 7.0
gnome gdk-pixbuf *
redhat enterprise_linux 8.0
redhat enterprise_linux_server_aus 8.2
redhat enterprise_linux_server_aus 8.4
redhat enterprise_linux 9.0
redhat enterprise_linux_server_tus 8.8
redhat enterprise_linux 10.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-122 A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-5201 is a heap-based buffer overflow vulnerability found in the gdk-pixbuf library's JPEG image loader. It occurs because the library improperly validates the number of color components when processing specially crafted JPEG images. This leads to insufficient memory allocation for pixel data, causing the library to write more data than the buffer can hold.

This flaw can be triggered remotely without any user interaction, for example, during automatic thumbnail generation. When exploited, it causes memory corruption that results in application crashes and denial-of-service (DoS) conditions.

Impact Analysis

The primary impact of this vulnerability is denial of service. An attacker can cause applications using the vulnerable gdk-pixbuf library to crash by sending specially crafted JPEG images. This can disrupt services that rely on image processing, such as thumbnail generation, potentially leading to system instability or downtime.

Although there have been claims about possible code execution, these are not reliably proven and would require unrealistic conditions. Therefore, the confirmed impact remains limited to application crashes and denial of service.

Detection Guidance

This vulnerability occurs in the gdk-pixbuf library's JPEG image loader when processing specially crafted JPEG images, leading to application crashes and denial of service. Detection involves identifying if your system uses a vulnerable version of gdk-pixbuf.

You can check the installed version of gdk-pixbuf on your system using package management commands. For example, on a Linux system using rpm-based packages, run:

  • rpm -q gdk-pixbuf

On Debian-based systems, use:

  • dpkg -l | grep gdk-pixbuf

Additionally, monitoring application logs for crashes related to image processing or thumbnail generation involving JPEG images may help detect exploitation attempts.

Mitigation Strategies

To mitigate this vulnerability, immediately update the gdk-pixbuf library to a patched version provided by your Linux distribution vendor.

If an update is not immediately available, consider restricting or disabling processing of untrusted JPEG images, especially in automated thumbnail generation or image processing workflows.

Additionally, monitor systems for crashes related to image processing and apply any vendor advisories or workarounds.

Compliance Impact

The vulnerability causes denial-of-service conditions through application crashes due to a heap-based buffer overflow in the gdk-pixbuf library's JPEG image loader.

There is no information provided about any impact on data confidentiality, integrity, or availability beyond denial of service, nor any direct mention of effects on compliance with standards such as GDPR or HIPAA.

Therefore, based on the available information, this vulnerability primarily affects application availability but does not explicitly indicate violations or compliance issues related to common data protection regulations.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-5201. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart