Memory Manipulation Flaw in GIMP Affects Image Processing
CVE-2025-48798

7.3 HIGH

What is CVE-2025-48798?

GIMP contains a vulnerability in its handling of specially crafted XCF image files. When an affected version processes such a file, critical memory errors can occur, potentially resulting in application crashes and use-after-free conditions that attackers can exploit. The flaw poses a significant security risk to users who work with XCF images, so applying the necessary patches and updates is crucial.

CVSS V3.1

Score: 7.3
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: Required
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

The Cyber Security Vulnerability Database.