Mageia 8 and 9: Critical RCE Vulnerabilities in GIMP Discovered 2023-0346
mageia
December 15, 2023
GIMP has been updated to version 2.10.36 to fix several security issues
Summary
GIMP has been updated to version 2.10.36 to fix several security issues.
CVE-2023-44441: GIMP DDS File Parsing Heap-based Buffer Overflow Remote
Code Execution Vulnerability
CVE-2023-44442: GIMP PSD File Parsing Heap-based Buffer Overflow Remote
Code Execution Vulnerability
CVE-2023-44443: GIMP PSP File Parsing Integer Overflow Remote Code
Execution Vulnerability
CVE-2023-44444: GIMP PSP File Parsing Off-By-One Remote Code Execution
Vulnerability
References
- https://bugs.mageia.org/show_bug.cgi?id=32548
- https://www.openwall.com/lists/oss-security/2023/11/20/3
- https://www.cve.org/CVERecord?id=CVE-2023-44441
- https://www.cve.org/CVERecord?id=CVE-2023-44442
- https://www.cve.org/CVERecord?id=CVE-2023-44443
- https://www.cve.org/CVERecord?id=CVE-2023-44444
Topics Covered
Resolution
SRPMS
- 9/core/gimp-2.10.36-1.mga9
- 8/core/gimp-2.10.36-1.mga8
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Publication date: 15 Dec 2023
URL: https://advisories.mageia.org/MGASA-2023-0346.html
Type: security
CVE: CVE-2023-44441,
CVE-2023-44442,
CVE-2023-44443,
CVE-2023-44444
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!