CVE-2026-59089 in GIMPinfo

Summary

by MITRE • 07/06/2026

A flaw was found in GIMP. The PlayStation TIM loader, responsible for handling PlayStation image files, incorrectly calculates the size of the Color Look-Up Table (CLUT) due to an integer overflow. This occurs when multiplying num_colors and num_cluts, both 16-bit unsigned short integers, resulting in a value exceeding the maximum integer limit. An attacker could exploit this by providing a specially crafted image file, leading to undefined behavior and causing the GIMP plug-in to abort, effectively resulting in a denial of service.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Analysis

by VulDB Data Team • 07/06/2026

This vulnerability exists within the PlayStation TIM loader component of GIMP software, which is designed to process image files from Sony's PlayStation gaming console. The flaw manifests in the improper handling of Color Look-Up Table (CLUT) size calculations during image loading operations. When processing specially crafted PlayStation TIM files, the system attempts to compute the total CLUT size by multiplying two 16-bit unsigned short integers representing the number of colors and number of CLUTs respectively. This multiplication operation results in an integer overflow condition when the product exceeds the maximum value that can be represented by a standard integer data type.

The technical implementation of this vulnerability stems from inadequate input validation and arithmetic overflow protection within the image parsing logic. The PlayStation TIM format specification defines certain fields that determine how many colors and CLUTs are present in the image file, but the GIMP plug-in fails to properly validate these values before performing mathematical operations. When attackers supply maliciously crafted TIM files with exaggerated color and CLUT counts, the multiplication of these 16-bit values produces results that exceed the bounds of typical integer representations, creating a scenario where the system cannot correctly determine memory allocation requirements for the CLUT data structures.

The operational impact of this vulnerability extends beyond simple denial of service conditions, as it represents a classic buffer overflow scenario that could potentially be exploited for more severe consequences. While the immediate effect is system termination and application crash, integer overflows in image parsing components often indicate broader architectural weaknesses that could allow for memory corruption or arbitrary code execution under certain circumstances. The vulnerability affects any system running GIMP with the PlayStation TIM plug-in enabled, making it particularly concerning given GIMP's widespread use in professional image editing environments.

From a cybersecurity framework perspective, this vulnerability aligns with CWE-190, which describes "Integer Overflow or Wraparound" conditions that occur when arithmetic operations produce results exceeding the maximum value representable by the target data type. The ATT&CK framework would categorize this as a denial of service attack vector through software exploitation, potentially falling under techniques related to process injection or memory corruption. Organizations should implement immediate mitigations including disabling unnecessary image format loaders, applying patches from GIMP maintainers, and conducting thorough vulnerability assessments of all installed plugins that handle external file formats. Additionally, input validation controls should be enhanced to verify that multiplication operations on user-provided parameters do not exceed predefined safe limits before proceeding with memory allocation or processing operations.

The root cause analysis reveals that this vulnerability represents a common security oversight in multimedia processing applications where developers assume valid input data without proper boundary checking. The PlayStation TIM loader specifically lacks proper overflow detection mechanisms that would prevent the multiplication of two 16-bit values from producing invalid results, creating a pathway for attackers to disrupt normal application functionality through carefully crafted inputs. This type of vulnerability demonstrates the critical importance of implementing robust integer arithmetic validation in security-sensitive applications and highlights the need for comprehensive testing of boundary conditions in file format parsers.

Responsible

Redhat

Reservation

07/02/2026

Disclosure

07/06/2026

Moderation

accepted

CPE

ready

EPSS

0.00000

KEV

no

Activities

very low

Sources

Do you need the next level of professionalism?

Upgrade your account now!