Not a user yet?
Log in Register for free Suggest a product
Update

USN-8075-1: GIMP vulnerabilities

Ubuntu DesktopUbuntu Desktop
Canonical

USN-8075-1: GIMP vulnerabilities
Publication date: 4 March 2026
Overview: Several security issues were fixed in GIMP.

Packages
gimp - GNU Image Manipulation Program

Details
Michael Randrianantenaina discovered that calculating the linear size of a
DDS file could overflow on 32-bit systems. An attacker could possibly use
this issue to cause a denial of service or execute arbitrary code. This
issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 24.04
LTS. (CVE-2025-2760)

Michael Randrianantenaina discovered that GIMP did not perform any bounds
checking when calculating an offset into XWD Colormaps. An attacker could
possibly use this issue to cause a denial of service or execute arbitrary
code. (CVE-2025-10934)

It was discovered that GIMP’s PNM loader did not sufficiently check that
the image could fit within the allocated memory, which could cause GIMP to
read or write out-of-bounds. An attacker could possibly use this issue to
cause a denial of service or execute arbitrary code. (CVE-2025-14422)

It was discovered that maliciously-crafted TGA files could cause memory
corruption and leave GIMP in an inconsistent state. An attacker could
possibly use this issue to cause a denial of service or execute arbitrary
code. (CVE-2025-48797)

It was discovered that a maliciously-crafted XCF file could cause GIMP to
free the same memory region twice, or access an already freed address. An
attacker could possibly use this issue to cause a denial of service or
execute arbitrary code. (CVE-2025-48798)

Update instructions
In general, a standard system update will make all the necessary changes.

24.04 LTS noble

  • gimp – 2.10.36-3ubuntu0.24.04.1+esm2
  • libgimp2.0t64 – 2.10.36-3ubuntu0.24.04.1+esm2

22.04 LTS jammy

  • gimp – 2.10.30-1ubuntu0.1+esm2
  • libgimp2.0 – 2.10.30-1ubuntu0.1+esm2

20.04 LTS focal

  • gimp – 2.10.18-1ubuntu0.1+esm2
  • libgimp2.0 – 2.10.18-1ubuntu0.1+esm2

18.04 LTS bionic

  • gimp – 2.8.22-1ubuntu0.1~esm2
  • libgimp2.0 – 2.8.22-1ubuntu0.1~esm2

16.04 LTS xenial

  • gimp – 2.8.16-1ubuntu1.1+esm2
  • libgimp2.0 – 2.8.16-1ubuntu1.1+esm2
More updatesTo the product
The manufacturer Canonical has not yet set up its devicebase profile. Content such as updates, compatibilities and support may only be maintained with a delay.
Receive Important Update Messages Stay tuned for upcoming Canonical updates

More from the Operating Systems section

Was the content helpful to you?

Advertisement Advertise here?
Udemy IT certification ad