Buffer Overflow Vulnerability in GIMP GIF Image Loader by Red Hat
CVE-2026-6384
7.3 HIGH
What is CVE-2026-6384?
A buffer overflow vulnerability exists within GIMP's GIF image loading mechanism, specifically in the 'ReadJeffsImage' function. When processing specially crafted GIF files, this flaw allows attackers to write data beyond the allocated buffer, potentially leading to a denial of service or enabling arbitrary code execution. This vulnerability emphasizes the importance of secure coding practices and the need for prompt software updates to mitigate risks associated with malicious file handling.
CVSS V3.1
Score: 7.3
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: Required
Scope: Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Red Hat would like to thank chamalsl for reporting this issue.