CVE-2026-58384 in GIMPinfo

Summary

by MITRE • 07/07/2026

A flaw was found in GIMP's PSD parser. An integer overflow in read_RLE_channel() can cause an undersized heap allocation for the RLE row-length table, after which subsequent per-row writes corrupt heap memory. This could lead to memory corruption, potentially resulting in denial of service or arbitrary code execution.

Be aware that VulDB is the high quality source for vulnerability data.

Analysis

by VulDB Data Team • 07/07/2026

This vulnerability resides within GIMP's Photoshop Document file format parser specifically targeting the read_RLE_channel() function that processes Run-Length Encoded data streams. The flaw manifests as an integer overflow condition where the parser fails to properly validate input parameters before calculating memory allocation sizes for the RLE row-length table structure. When parsing malformed PSD files containing crafted RLE compression data, the system computes an incorrect heap allocation size that is insufficient to accommodate the actual data requirements.

The technical implementation of this vulnerability follows a classic integer overflow pattern where arithmetic operations on unsigned integers produce values that exceed the maximum representable range, causing wraparound behavior that results in unexpectedly small memory allocations. The affected function processes row-length tables that should dynamically scale based on image dimensions and compression parameters, but due to improper bounds checking, it allocates memory based on a truncated or overflowed value rather than the actual required size.

The operational impact of this vulnerability extends beyond simple memory corruption to potentially enable remote code execution in contexts where GIMP processes untrusted PSD files. When the system attempts to write data to the undersized heap allocation, subsequent memory writes overwrite adjacent heap metadata or other critical program structures, creating opportunities for arbitrary code execution through controlled memory corruption. This type of vulnerability is particularly dangerous in applications that process user-uploaded content or serve as file format handlers for web-based systems.

From a cybersecurity perspective, this vulnerability aligns with CWE-190, Integer Overflow or Wraparound, and represents a classic heap-based buffer overflow scenario that can be exploited through memory corruption techniques. The ATT&CK framework would categorize this under T1203, Exploitation for Client Execution, as it enables remote code execution through the processing of malicious file formats. The vulnerability demonstrates poor input validation practices in image format parsers and highlights the critical importance of robust memory management in multimedia processing libraries that handle untrusted input data streams.

Mitigation strategies should include immediate patching of GIMP versions containing this flaw, implementation of strict input validation for RLE compression parameters, and deployment of memory protection mechanisms such as address space layout randomization and stack canaries. Organizations should also consider implementing sandboxed file processing environments for image format handling and establishing comprehensive input sanitization routines that prevent integer overflow conditions in memory allocation calculations. The vulnerability underscores the necessity of thorough code review processes specifically focused on memory safety aspects in multimedia libraries and the importance of fuzzing test cases that target edge cases in compression algorithm implementations.

Responsible

Redhat

Reservation

06/30/2026

Disclosure

07/07/2026

Moderation

accepted

CPE

ready

EPSS

0.00000

KEV

no

Activities

very low

Sources

Want to know what is going to be exploited?

We predict KEV entries!