Stack-based Overflow Vulnerability in GIMP Affecting ANI File Processing
CVE-2025-48796

7.3HIGH

Key Information:

Status
Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 7
Red Hat Enterprise Linux 8
Vendor
CVE Published:
27 May 2025

What is CVE-2025-48796?

A vulnerability in GIMP has been identified, specifically within the ani_load_image() function, which processes ANI files. This flaw allows a crafted ANI file to result in a stack-based overflow, enabling attackers to execute arbitrary code. Users opening affected ANI files may inadvertently compromise their systems, leading to significant security risks. Mitigation strategies should be implemented to safeguard against potential exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://access.redhat.com/security/cve/CVE-2025-48796
vdb-entryx_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2368559
issue-trackingx_refsource_REDHAT
https://gitlab.gnome.org/GNOME/gimp/-/issues/9257

CVSS V3.1

Score:
7.3
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.