{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-40918","assignerOrgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","state":"PUBLISHED","assignerShortName":"redhat","dateReserved":"2026-04-15T18:38:30.106Z","datePublished":"2026-04-15T18:59:14.823Z","dateUpdated":"2026-04-20T17:10:52.907Z"},"containers":{"cna":{"title":"Gimp: gimp: denial of service via crafted pvr image file","metrics":[{"other":{"content":{"value":"Moderate","namespace":"https://access.redhat.com/security/updates/classification/"},"type":"Red Hat severity rating"}},{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":5.5,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","version":"3.1"},"format":"CVSS"}],"descriptions":[{"lang":"en","value":"A flaw was found in GIMP. Processing a specially crafted PVR image file with large dimensions can lead to a denial of service (DoS). This occurs due to a stack-based buffer overflow and an out-of-bounds read in the PVR image loader, causing the application to crash. Systems that process untrusted PVR image files are affected."}],"affected":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gimp","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gimp","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gimp:2.8/gimp","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gimp","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9"]}],"references":[{"url":"https://access.redhat.com/security/cve/CVE-2026-40918","tags":["vdb-entry","x_refsource_REDHAT"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2458747","name":"RHBZ#2458747","tags":["issue-tracking","x_refsource_REDHAT"]}],"datePublic":"2026-04-15T18:41:40.251Z","problemTypes":[{"descriptions":[{"cweId":"CWE-131","description":"Incorrect Calculation of Buffer Size","lang":"en","type":"CWE"}]}],"x_redhatCweChain":"CWE-131: Incorrect Calculation of Buffer Size","workarounds":[{"lang":"en","value":"To reduce the risk associated with this vulnerability, avoid processing untrusted PVR image files. Users should exercise caution when opening PVR files from unknown or suspicious sources. If the PVR image loader is part of an application that processes untrusted content, consider running that application in a sandboxed environment to limit potential impact."}],"timeline":[{"lang":"en","time":"2026-04-15T18:35:03.273Z","value":"Reported to Red Hat."},{"lang":"en","time":"2026-04-15T18:41:40.251Z","value":"Made public."}],"credits":[{"lang":"en","value":"Red Hat would like to thank mzfr for reporting this issue."}],"providerMetadata":{"orgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","shortName":"redhat","dateUpdated":"2026-04-20T17:10:52.907Z"},"x_generator":{"engine":"cvelib 1.8.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2026-04-16T14:13:07.619463Z","id":"CVE-2026-40918","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-04-16T14:13:39.099Z"}}]}}