
Debian Bullseye GEGL Critical Buffer Overflow DoS DLA-4487-1 CVE-2026-2049

Debian LTS
February 21, 2026
Explore the Debian LTS advisory on GEGL addressing a critical buffer overflow risk leading to DoS.

Summary

A heap-based buffer overflow was discovered in the RGBE/HDR parser of
GEGL, a graph-based image processing library, which could result in
denial of service or the execution of arbitrary code if malformed files
are processed.


For Debian 11 bullseye, these problems have been fixed in version
1:0.4.26-2+deb11u2.

We recommend that you upgrade your gegl packages.

For the detailed security status of gegl please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/gegl

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS



Severity: critical

Package: gegl
Version: 1:0.4.26-2+deb11u2
CVE ID: CVE-2026-2049 CVE-2026-2050
