Alerts This Week
Warning Icon 1 1,109
Alerts This Week
Warning Icon 1 1,109

Ubuntu 22.04 LTS USN-7209-1 moderate: gimp-dds DoS cause and fix

ubuntu
Calendar Grey January 16, 2025
Dist Ubuntu Esm H88
The recent security notice related to the GIMP DDS Plugin reveals a potential flaw impacting various iterations of Ubuntu, announced on January 16, 2025.
The GIMP DDS Plugin could be made to crash or run programs as your login if it opened a specially crafted file.

Summary

The GIMP DDS Plugin could be made to crash or run programs as

your login if it opened a specially crafted file.

Software Description:

- gimp-dds: DDS (DirectDraw Surface) plugin for GIMP

Details:

Jacob Boerema discovered that the GIMP DDS Plugin incorrectly

processed DDS files due to a memory issue. An attacker could

exploit this through a specifically crafted DDS file to cause

GIMP to crash, resulting in a denial of service, or possibly

execute arbitrary code.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS
gimp-dds 3.0.1-1+deb10u1build0.22.04.1

Ubuntu 20.04 LTS
gimp-dds 3.0.1-1+deb10u1build0.20.04.1

Ubuntu 18.04 LTS
gimp-dds 3.0.1-1+deb10u1build0.18.04.1~esm1
Available with Ubuntu Pro

Ubuntu 16.04 LTS
gimp-dds 3.0.1-1+deb10u1build0.16.04.1~esm1
Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-7209-1

CVE-2023-44441

Ubuntu Security Notice USN-7209-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here