[SECURITY] [DLA 4342-1] gimp security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 4342-1] gimp security update
From: Sylvain Beucler <beuc@beuc.net>
Date: Wed, 22 Oct 2025 18:59:46 +0200
Message-id: <[🔎] aPkNgkTY9mVqhoiL@mail.beuc.net>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4342-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                      Sylvain Beucler
October 22, 2025                              https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : gimp
Version        : 2.10.22-4+deb11u3
CVE ID         : CVE-2025-2760 CVE-2025-2761 CVE-2025-5473 CVE-2025-6035 
                 CVE-2025-10922 CVE-2025-48797 CVE-2025-48798
Debian Bug     : 1105005 1107758 1116459

Several vulnerabilities were discovered in GIMP, the GNU Image
Manipulation Program, which could result in denial of service or
potentially the execution of arbitrary code if malformed DDS, FLI,
ICO, DICOM, TGA or XCF images are opened, or when using the Despeckle
plug-in on a very large image.

CVE-2025-2760

    GIMP XWD File Parsing Integer Overflow Remote Code Execution
    Vulnerability. The specific flaw exists within the parsing of XWD
    files. The issue results from the lack of proper validation of
    user-supplied data, which can result in an integer overflow before
    allocating a buffer. An attacker can leverage this vulnerability
    to execute code in the context of the current process. Was
    ZDI-CAN-25082.

CVE-2025-2761

    GIMP FLI File Parsing Out-Of-Bounds Write Remote Code Execution
    Vulnerability. The specific flaw exists within the parsing of FLI
    files. The issue results from the lack of proper validation of
    user-supplied data, which can result in a write past the end of an
    allocated buffer. An attacker can leverage this vulnerability to
    execute code in the context of the current process. Was
    ZDI-CAN-25100.

CVE-2025-5473

    GIMP ICO File Parsing Integer Overflow Remote Code Execution
    Vulnerability. The specific flaw exists within the parsing of ICO
    files. The issue results from the lack of proper validation of
    user-supplied data, which can result in an integer overflow before
    writing to memory. An attacker can leverage this vulnerability to
    execute code in the context of the current process. Was
    ZDI-CAN-26752.

CVE-2025-6035

    An integer overflow vulnerability exists in the GIMP "Despeckle"
    plug-in. The issue occurs due to unchecked multiplication of image
    dimensions, such as width, height, and bytes-per-pixel (img_bpp),
    which can result in allocating insufficient memory and
    subsequently performing out-of-bounds writes. This issue could
    lead to heap corruption, a potential denial of service (DoS), or
    arbitrary code execution in certain scenarios.

CVE-2025-10922

    ZDI-CAN-27863: GIMP DCM File Parsing Heap-based Buffer Overflow
    Remote Code Execution Vulnerability

CVE-2025-48797

    Flaw when processing certain TGA image files. If a user opens one
    of these image files that has been specially crafted by an
    attacker, GIMP can be tricked into making serious memory errors,
    potentially leading to crashes and causing a heap buffer overflow.

CVE-2025-48798

    Flaw when processing XCF image files. If a user opens one of these
    image files that has been specially crafted by an attacker, GIMP
    can be tricked into making serious memory errors, potentially
    leading to crashes and causing use-after-free issues.

For Debian 11 bullseye, these problems have been fixed in version
2.10.22-4+deb11u3.

We recommend that you upgrade your gimp packages.

For the detailed security status of gimp please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/gimp

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE1vEOfV7HXWKqBieIDTl9HeUlXjAFAmj5DRoACgkQDTl9HeUl
XjAkABAAxsoacaVV+knQY6dwdEqS2JL02zN/qFC6JsAivAX9+JG0exB8XxlUcmAD
1dEuiOuDaGKrWHEdMkpwhMr9pd/a2eeUNBmyJuYz6KqwQRFeQ7c4LjTwzbtVKNAI
T4EVfLwUJE+Iedv5vKqwzIFsa3B5d5spvZ3GZnOGQim6HvGaVY9IG8K38zafVR7r
yZTdhSBlm9vtax8OwwhhZNqTG6UFF5vG0DUnSJgCege4FQYzuem5f1kvve/dWQ8O
4Dkz7RKBH0kbdRqqzzsu1T3qz+4nkTD09wBdpDPxIVOm1NC+jQEtrfDCHNJC0kMM
9CVpeKZO9MiYVjiQ7+L8uFsD5oVC/9jIek5EV6v5lkQRcqa1jBv+ukxIZbufUVGk
awhuTl1Uk8vhUZ2fGLVAjQllnhKZRIOxcBWQb4+jobd0196Gu0ILSR0+SRYpW1O3
jfXYJn8mTY4un1vmOJAJ3Rv9rmH6MhqwiWpQz/ErPYHa9UT/5JmCDscjHA5CY3o7
qJInuSiQFyXiZ6jKrY7O72Dp7hApmQs/YgKxGNy7uk586HiIlQAgD27qvK2ul/64
X2cM+f+ii+UKYvKf3JY6js+vxbdwRWVx6Z4ETnBGBmxX5qSMKv1WstLTLa6+qRER
uZI44x2foxJpkiVg7v50GUaBlLi+98g7BkETiUXf0AXQzpZl45w=
=oXbQ
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 4341-1] gegl security update
Next by Date: [SECURITY] [DLA 4343-1] raptor2 security update
Previous by thread: [SECURITY] [DLA 4341-1] gegl security update
Next by thread: [SECURITY] [DLA 4343-1] raptor2 security update
Index(es):
- Date
- Thread