A flaw was found in GIMP's PSD parser. An integer overflow in read_RLE_channel() can cause an undersized heap allocation for the RLE row-length table, after which subsequent per-row writes corrupt heap memory. This could lead to memory corruption, potentially resulting in denial of service or arbitrary code execution.
Advisories
No advisories yet.
Fixes
Solution
No solution given by the vendor.
Workaround
None — requires opening a crafted PSD file.
References
History
Tue, 07 Jul 2026 14:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Tue, 07 Jul 2026 08:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A flaw was found in GIMP's PSD parser. An integer overflow in read_RLE_channel() can cause an undersized heap allocation for the RLE row-length table, after which subsequent per-row writes corrupt heap memory. This could lead to memory corruption, potentially resulting in denial of service or arbitrary code execution. | |
| Title | Gimp: gimp: integer overflow in read_rle_channel() | |
| First Time appeared |
Redhat
Redhat enterprise Linux |
|
| Weaknesses | CWE-190 | |
| CPEs | cpe:/o:redhat:enterprise_linux:6 cpe:/o:redhat:enterprise_linux:7 cpe:/o:redhat:enterprise_linux:8 cpe:/o:redhat:enterprise_linux:9 |
|
| Vendors & Products |
Redhat
Redhat enterprise Linux |
|
| References |
| |
| Metrics |
cvssV3_1
|
Projects
Sign in to view the affected projects.
Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2026-07-07T13:31:00.757Z
Reserved: 2026-06-30T16:54:04.312Z
Link: CVE-2026-58384
Updated: 2026-07-07T13:30:33.413Z
No data.
No data.
OpenCVE Enrichment
No data.
Weaknesses