GIMP PVR Image Loader Stack-Based Buffer Overflow Vulnerability Leading to Denial-of-Service

Vulnerability

A denial-of-service vulnerability has been identified in GIMP's PVR image loader. Processing specially crafted PVR image files with large dimensions can cause the application to crash. The crash results from a stack-based buffer overflow and an out-of-bounds read, and it affects systems that handle untrusted PVR images.

Impact

Exploiting this vulnerability causes GIMP to crash, interrupting any ongoing work and potentially leading to data loss.

Remediation

Users are advised to avoid processing untrusted PVR image files, especially from unknown or suspicious sources. If GIMP is used to open such files, consider doing so in a sandboxed environment to minimize potential impact.

Added: Apr 15, 2026, 9:34 PM
Updated: Apr 15, 2026, 9:34 PM

Vulnerability Rating

Custom Algorithm

spread: 7.8
impact: 1.9
exploitability: 4.2
remediation: 7.9
relevance: 6.0
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.