The GIMP DDS Plugin could be made to crash or run programs as
your login if it opened a specially crafted file.
Software Description:
- gimp-dds: DDS (DirectDraw Surface) plugin for GIMP
Details:
Jacob Boerema discovered that the GIMP DDS Plugin incorrectly
processed DDS files due to a memory issue. An attacker could
exploit this through a specifically crafted DDS file to cause
GIMP to crash, resulting in a denial of service, or possibly
execute arbitrary code.
The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS gimp-dds 3.0.1-1+deb10u1build0.22.04.1 Ubuntu 20.04 LTS gimp-dds 3.0.1-1+deb10u1build0.20.04.1 Ubuntu 18.04 LTS gimp-dds 3.0.1-1+deb10u1build0.18.04.1~esm1 Available with Ubuntu Pro Ubuntu 16.04 LTS gimp-dds 3.0.1-1+deb10u1build0.16.04.1~esm1 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-7209-1
CVE-2023-44441
Get the latest Linux and open source security news straight to your inbox.