Vendor Workaround
To mitigate this vulnerability, users should avoid opening untrusted Paint Shop Pro (PSP) image files with GIMP. As a general security practice, it is recommended to only process image files from trusted sources. If GIMP is not essential, consider removing the package to eliminate the attack surface.
No advisories yet.
Fri, 03 Jul 2026 18:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A flaw was found in GIMP's Paint Shop Pro (PSP) file format parser. This heap buffer overflow vulnerability allows a remote attacker to cause arbitrary code execution or a denial of service (DoS) by tricking a user into opening a specially crafted PSP image file. The vulnerability occurs because the software incorrectly calculates buffer sizes when processing low bit-depth images, leading to an overwrite of adjacent memory. | |
| Title | Gimp: gimp: heap buffer overflow in read_channel_data() | |
| First Time appeared | Redhat, Redhat enterprise Linux | |
| Weaknesses | CWE-122 | |
| CPEs | cpe:/o:redhat:enterprise_linux:6 cpe:/o:redhat:enterprise_linux:7 cpe:/o:redhat:enterprise_linux:8 cpe:/o:redhat:enterprise_linux:9 | |
| Vendors & Products | Redhat, Redhat enterprise Linux | |
| References | | |
| Metrics | cvssV3_1 | |
Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2026-07-03T18:29:22.302Z
Reserved: 2026-06-30T16:54:04.312Z
Link: CVE-2026-58379