CVE-2025-48798 - Vulnerability Details

A flaw was found in GIMP when processing XCF image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing use-after-free issues.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Redhat	Enterprise Linux Rhel Aus Rhel E4s Rhel Els Rhel Eus Rhel Tus

No data.

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 7 Extended Lifecycle Support
gimp-2:2.8.22-1.el7_9.2	cpe:/o:redhat:rhel_els:7	RHSA-2025:9501	2025-06-24T00:00:00Z
Red Hat Enterprise Linux 8
gimp:2.8-8100020250614205641.4c9c024f	cpe:/a:redhat:enterprise_linux:8	RHSA-2025:9165	2025-06-17T00:00:00Z
Red Hat Enterprise Linux 8.2 Advanced Update Support
gimp:2.8-8020020250618101631.c3a0935b	cpe:/a:redhat:rhel_aus:8.2	RHSA-2025:9310	2025-06-23T00:00:00Z
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
gimp:2.8-8040020250618100956.70584597	cpe:/a:redhat:rhel_aus:8.4	RHSA-2025:9308	2025-06-23T00:00:00Z
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
gimp:2.8-8060020250618100419.6af1eaf0	cpe:/a:redhat:rhel_aus:8.6	RHSA-2025:9309	2025-06-23T00:00:00Z
Red Hat Enterprise Linux 8.6 Telecommunications Update Service
gimp:2.8-8060020250618100419.6af1eaf0	cpe:/a:redhat:rhel_tus:8.6	RHSA-2025:9309	2025-06-23T00:00:00Z
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
gimp:2.8-8060020250618100419.6af1eaf0	cpe:/a:redhat:rhel_e4s:8.6	RHSA-2025:9309	2025-06-23T00:00:00Z
Red Hat Enterprise Linux 8.8 Telecommunications Update Service
gimp:2.8-8080020250623120629.0621e4ee	cpe:/a:redhat:rhel_tus:8.8	RHSA-2025:9569	2025-06-24T00:00:00Z
Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions
gimp:2.8-8080020250623120629.0621e4ee	cpe:/a:redhat:rhel_e4s:8.8	RHSA-2025:9569	2025-06-24T00:00:00Z
Red Hat Enterprise Linux 9
gimp-2:2.99.8-4.el9_6.2	cpe:/a:redhat:enterprise_linux:9	RHSA-2025:9162	2025-06-17T00:00:00Z
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions
gimp-2:2.99.8-3.el9_0.1	cpe:/a:redhat:rhel_e4s:9.0	RHSA-2025:9315	2025-06-23T00:00:00Z
Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions
gimp-2:2.99.8-4.el9_2.1	cpe:/a:redhat:rhel_e4s:9.2	RHSA-2025:9314	2025-06-23T00:00:00Z
Red Hat Enterprise Linux 9.4 Extended Update Support
gimp-2:2.99.8-4.el9_4.1	cpe:/a:redhat:rhel_eus:9.4	RHSA-2025:9316	2025-06-23T00:00:00Z

References

Link	Providers
https://access.redhat.com/errata/RHSA-2025:9162
https://access.redhat.com/errata/RHSA-2025:9165
https://access.redhat.com/errata/RHSA-2025:9308
https://access.redhat.com/errata/RHSA-2025:9309
https://access.redhat.com/errata/RHSA-2025:9310
https://access.redhat.com/errata/RHSA-2025:9314
https://access.redhat.com/errata/RHSA-2025:9315
https://access.redhat.com/errata/RHSA-2025:9316
https://access.redhat.com/errata/RHSA-2025:9501
https://access.redhat.com/errata/RHSA-2025:9569
https://access.redhat.com/security/cve/CVE-2025-48798
https://bugzilla.redhat.com/show_bug.cgi?id=2368557
https://nvd.nist.gov/vuln/detail/CVE-2025-48798
https://www.cve.org/CVERecord?id=CVE-2025-48798

History

Wed, 25 Jun 2025 15:00:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:rhel_e4s:8.8 cpe:/a:redhat:rhel_tus:8.8

Wed, 25 Jun 2025 00:45:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream
References		https://access.redhat.com/errata/RHSA-2025:9569

Tue, 24 Jun 2025 12:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat rhel Els
CPEs	~~cpe:/o:redhat:enterprise_linux:7~~	cpe:/o:redhat:rhel_els:7
Vendors & Products		Redhat rhel Els
References		https://access.redhat.com/errata/RHSA-2025:9501

Mon, 23 Jun 2025 14:45:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:rhel_aus:8.2 cpe:/a:redhat:rhel_aus:8.4 cpe:/a:redhat:rhel_aus:8.6 cpe:/a:redhat:rhel_e4s:8.6 cpe:/a:redhat:rhel_e4s:9.0 cpe:/a:redhat:rhel_e4s:9.2 cpe:/a:redhat:rhel_eus:9.4 cpe:/a:redhat:rhel_tus:8.6

Mon, 23 Jun 2025 06:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat rhel Aus Redhat rhel E4s Redhat rhel Eus Redhat rhel Tus
CPEs		cpe:/a:redhat:rhel_aus:8.2::appstream cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_e4s:9.0::appstream cpe:/a:redhat:rhel_e4s:9.2::appstream cpe:/a:redhat:rhel_eus:9.4::appstream cpe:/a:redhat:rhel_tus:8.6::appstream
Vendors & Products		Redhat rhel Aus Redhat rhel E4s Redhat rhel Eus Redhat rhel Tus
References		https://access.redhat.com/errata/RHSA-2025:9308 https://access.redhat.com/errata/RHSA-2025:9309 https://access.redhat.com/errata/RHSA-2025:9310 https://access.redhat.com/errata/RHSA-2025:9314 https://access.redhat.com/errata/RHSA-2025:9315 https://access.redhat.com/errata/RHSA-2025:9316

Tue, 17 Jun 2025 16:30:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:enterprise_linux:8 cpe:/a:redhat:enterprise_linux:9

Tue, 17 Jun 2025 09:30:00 +0000

Type	Values Removed	Values Added
CPEs	~~cpe:/o:redhat:enterprise_linux:8~~	cpe:/a:redhat:enterprise_linux:8::appstream
References		https://access.redhat.com/errata/RHSA-2025:9165

Tue, 17 Jun 2025 09:15:00 +0000

Type	Values Removed	Values Added
CPEs	~~cpe:/o:redhat:enterprise_linux:9~~	cpe:/a:redhat:enterprise_linux:9::appstream
References		https://access.redhat.com/errata/RHSA-2025:9162

Tue, 27 May 2025 15:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Tue, 27 May 2025 14:15:00 +0000

Type	Values Removed	Values Added
Description	No description is available for this CVE.	A flaw was found in GIMP when processing XCF image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing use-after-free issues.
Title	gimp: Multiple use after free in XCF parser	Gimp: multiple use after free in xcf parser
First Time appeared		Redhat Redhat enterprise Linux
CPEs		cpe:/o:redhat:enterprise_linux:6 cpe:/o:redhat:enterprise_linux:7 cpe:/o:redhat:enterprise_linux:8 cpe:/o:redhat:enterprise_linux:9
Vendors & Products		Redhat Redhat enterprise Linux
References		https://access.redhat.com/security/cve/CVE-2025-48798 https://bugzilla.redhat.com/show_bug.cgi?id=2368557

Tue, 27 May 2025 02:45:00 +0000

Type	Values Removed	Values Added
Description		No description is available for this CVE.
Title		gimp: Multiple use after free in XCF parser
Weaknesses		CWE-416
References		https://nvd.nist.gov/vuln/detail/CVE-2025-48798 https://www.cve.org/CVERecord?id=CVE-2025-48798
Metrics	threat_severity `None`	cvssV3_1 `{'score': 7.3, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H'}` threat_severity `Important`

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2025-05-27T14:05:12.977Z

Updated: 2025-06-26T13:38:38.255Z

Reserved: 2025-05-26T10:51:51.496Z

Link: CVE-2025-48798

Vulnrichment

Updated: 2025-05-27T14:22:06.300Z

NVD

Status : Awaiting Analysis

Published: 2025-05-27T14:15:24.307

Modified: 2025-06-25T01:15:23.220

Link: CVE-2025-48798

Redhat

Severity : Important

Publid Date: 2025-05-26T00:00:00Z

Links: CVE-2025-48798 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-48798", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "state": "PUBLISHED", "assignerShortName": "redhat", "dateReserved": "2025-05-26T10:51:51.496Z", "datePublished": "2025-05-27T14:05:12.977Z", "dateUpdated": "2025-06-26T13:38:38.255Z"}, "containers": {"cna": {"title": "Gimp: multiple use after free in xcf parser", "metrics": [{"other": {"content": {"value": "Important", "namespace": "https://access.redhat.com/security/updates/classification/"}, "type": "Red Hat severity rating"}}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS"}], "descriptions": [{"lang": "en", "value": "A flaw was found in GIMP when processing XCF image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing use-after-free issues."}], "affected": [{"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "gimp", "defaultStatus": "affected", "versions": [{"version": "2:2.8.22-1.el7_9.2", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/o:redhat:rhel_els:7"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "gimp:2.8", "defaultStatus": "affected", "versions": [{"version": "8100020250614205641.4c9c024f", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:enterprise_linux:8::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "gimp:2.8", "defaultStatus": "affected", "versions": [{"version": "8020020250618101631.c3a0935b", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_aus:8.2::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "gimp:2.8", "defaultStatus": "affected", "versions": [{"version": "8040020250618100956.70584597", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_aus:8.4::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "gimp:2.8", "defaultStatus": "affected", "versions": [{"version": "8060020250618100419.6af1eaf0", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_e4s:8.6::appstream", "cpe:/a:redhat:rhel_tus:8.6::appstream", "cpe:/a:redhat:rhel_aus:8.6::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "gimp:2.8", "defaultStatus": "affected", "versions": [{"version": "8060020250618100419.6af1eaf0", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_e4s:8.6::appstream", "cpe:/a:redhat:rhel_tus:8.6::appstream", "cpe:/a:redhat:rhel_aus:8.6::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "gimp:2.8", "defaultStatus": "affected", "versions": [{"version": "8060020250618100419.6af1eaf0", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_e4s:8.6::appstream", "cpe:/a:redhat:rhel_tus:8.6::appstream", "cpe:/a:redhat:rhel_aus:8.6::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "gimp:2.8", "defaultStatus": "affected", "versions": [{"version": "8080020250623120629.0621e4ee", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_e4s:8.8::appstream", "cpe:/a:redhat:rhel_tus:8.8::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "gimp:2.8", "defaultStatus": "affected", "versions": [{"version": "8080020250623120629.0621e4ee", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_e4s:8.8::appstream", "cpe:/a:redhat:rhel_tus:8.8::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "gimp", "defaultStatus": "affected", "versions": [{"version": "2:2.99.8-4.el9_6.2", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:enterprise_linux:9::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "gimp", "defaultStatus": "affected", "versions": [{"version": "2:2.99.8-3.el9_0.1", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_e4s:9.0::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "gimp", "defaultStatus": "affected", "versions": [{"version": "2:2.99.8-4.el9_2.1", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_e4s:9.2::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9.4 Extended Update Support", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "gimp", "defaultStatus": "affected", "versions": [{"version": "2:2.99.8-4.el9_4.1", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_eus:9.4::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 6", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "gimp", "defaultStatus": "unknown", "cpes": ["cpe:/o:redhat:enterprise_linux:6"]}], "references": [{"url": "https://access.redhat.com/errata/RHSA-2025:9162", "name": "RHSA-2025:9162", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:9165", "name": "RHSA-2025:9165", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:9308", "name": "RHSA-2025:9308", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:9309", "name": "RHSA-2025:9309", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:9310", "name": "RHSA-2025:9310", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:9314", "name": "RHSA-2025:9314", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:9315", "name": "RHSA-2025:9315", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:9316", "name": "RHSA-2025:9316", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:9501", "name": "RHSA-2025:9501", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:9569", "name": "RHSA-2025:9569", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/security/cve/CVE-2025-48798", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368557", "name": "RHBZ#2368557", "tags": ["issue-tracking", "x_refsource_REDHAT"]}], "datePublic": "2025-05-26T00:00:00.000Z", "problemTypes": [{"descriptions": [{"cweId": "CWE-416", "description": "Use After Free", "lang": "en", "type": "CWE"}]}], "x_redhatCweChain": "CWE-416: Use After Free", "workarounds": [{"lang": "en", "value": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability."}], "timeline": [{"lang": "en", "time": "2025-05-26T10:33:15.119000+00:00", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2025-05-26T00:00:00+00:00", "value": "Made public."}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2025-06-25T00:28:16.412Z"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-05-27T14:21:28.420081Z", "id": "CVE-2025-48798", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-26T13:38:38.255Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-48798", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-05-27T14:21:28.420081Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-27T14:22:06.300Z"}}], "cna": {"title": "Gimp: multiple use after free in xcf parser", "metrics": [{"other": {"type": "Red Hat severity rating", "content": {"value": "Important", "namespace": "https://access.redhat.com/security/updates/classification/"}}}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.3, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}], "affected": [{"cpes": ["cpe:/o:redhat:rhel_els:7"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support", "versions": [{"status": "unaffected", "version": "2:2.8.22-1.el7_9.2", "lessThan": "*", "versionType": "rpm"}], "packageName": "gimp", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:enterprise_linux:8::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "versions": [{"status": "unaffected", "version": "8100020250614205641.4c9c024f", "lessThan": "*", "versionType": "rpm"}], "packageName": "gimp:2.8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhel_aus:8.2::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "versions": [{"status": "unaffected", "version": "8020020250618101631.c3a0935b", "lessThan": "*", "versionType": "rpm"}], "packageName": "gimp:2.8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhel_aus:8.4::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "versions": [{"status": "unaffected", "version": "8040020250618100956.70584597", "lessThan": "*", "versionType": "rpm"}], "packageName": "gimp:2.8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhel_e4s:8.6::appstream", "cpe:/a:redhat:rhel_tus:8.6::appstream", "cpe:/a:redhat:rhel_aus:8.6::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support", "versions": [{"status": "unaffected", "version": "8060020250618100419.6af1eaf0", "lessThan": "*", "versionType": "rpm"}], "packageName": "gimp:2.8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhel_e4s:8.6::appstream", "cpe:/a:redhat:rhel_tus:8.6::appstream", "cpe:/a:redhat:rhel_aus:8.6::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service", "versions": [{"status": "unaffected", "version": "8060020250618100419.6af1eaf0", "lessThan": "*", "versionType": "rpm"}], "packageName": "gimp:2.8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhel_e4s:8.6::appstream", "cpe:/a:redhat:rhel_tus:8.6::appstream", "cpe:/a:redhat:rhel_aus:8.6::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions", "versions": [{"status": "unaffected", "version": "8060020250618100419.6af1eaf0", "lessThan": "*", "versionType": "rpm"}], "packageName": "gimp:2.8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhel_e4s:8.8::appstream", "cpe:/a:redhat:rhel_tus:8.8::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service", "versions": [{"status": "unaffected", "version": "8080020250623120629.0621e4ee", "lessThan": "*", "versionType": "rpm"}], "packageName": "gimp:2.8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhel_e4s:8.8::appstream", "cpe:/a:redhat:rhel_tus:8.8::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions", "versions": [{"status": "unaffected", "version": "8080020250623120629.0621e4ee", "lessThan": "*", "versionType": "rpm"}], "packageName": "gimp:2.8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:enterprise_linux:9::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "versions": [{"status": "unaffected", "version": "2:2.99.8-4.el9_6.2", "lessThan": "*", "versionType": "rpm"}], "packageName": "gimp", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhel_e4s:9.0::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "versions": [{"status": "unaffected", "version": "2:2.99.8-3.el9_0.1", "lessThan": "*", "versionType": "rpm"}], "packageName": "gimp", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhel_e4s:9.2::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions", "versions": [{"status": "unaffected", "version": "2:2.99.8-4.el9_2.1", "lessThan": "*", "versionType": "rpm"}], "packageName": "gimp", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhel_eus:9.4::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9.4 Extended Update Support", "versions": [{"status": "unaffected", "version": "2:2.99.8-4.el9_4.1", "lessThan": "*", "versionType": "rpm"}], "packageName": "gimp", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:6"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 6", "packageName": "gimp", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unknown"}], "timeline": [{"lang": "en", "time": "2025-05-26T10:33:15.119000+00:00", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2025-05-26T00:00:00+00:00", "value": "Made public."}], "datePublic": "2025-05-26T00:00:00.000Z", "references": [{"url": "https://access.redhat.com/errata/RHSA-2025:9162", "name": "RHSA-2025:9162", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:9165", "name": "RHSA-2025:9165", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:9308", "name": "RHSA-2025:9308", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:9309", "name": "RHSA-2025:9309", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:9310", "name": "RHSA-2025:9310", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:9314", "name": "RHSA-2025:9314", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:9315", "name": "RHSA-2025:9315", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:9316", "name": "RHSA-2025:9316", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:9501", "name": "RHSA-2025:9501", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:9569", "name": "RHSA-2025:9569", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/security/cve/CVE-2025-48798", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368557", "name": "RHBZ#2368557", "tags": ["issue-tracking", "x_refsource_REDHAT"]}], "workarounds": [{"lang": "en", "value": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability."}], "descriptions": [{"lang": "en", "value": "A flaw was found in GIMP when processing XCF image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing use-after-free issues."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-416", "description": "Use After Free"}]}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2025-06-25T00:28:16.412Z"}, "x_redhatCweChain": "CWE-416: Use After Free"}}, "cveMetadata": {"cveId": "CVE-2025-48798", "state": "PUBLISHED", "dateUpdated": "2025-06-26T13:38:38.255Z", "dateReserved": "2025-05-26T10:51:51.496Z", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "datePublished": "2025-05-27T14:05:12.977Z", "assignerShortName": "redhat"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A flaw was found in GIMP when processing XCF image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing use-after-free issues."}, {"lang": "es", "value": "Se detect\u00f3 una falla en GIMP al procesar archivos de imagen XCF. Si un usuario abre uno de estos archivos de imagen, manipulado espec\u00edficamente por un atacante, GIMP puede ser enga\u00f1ado y provocar graves errores de memoria, lo que podr\u00eda provocar fallos y problemas de use-after-free."}], "id": "CVE-2025-48798", "lastModified": "2025-06-25T01:15:23.220", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.3, "impactScore": 5.9, "source": "secalert@redhat.com", "type": "Secondary"}]}, "published": "2025-05-27T14:15:24.307", "references": [{"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:9162"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:9165"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:9308"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:9309"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:9310"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:9314"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:9315"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:9316"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:9501"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:9569"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/security/cve/CVE-2025-48798"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368557"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-416"}], "source": "secalert@redhat.com", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2025:9501", "cpe": "cpe:/o:redhat:rhel_els:7", "package": "gimp-2:2.8.22-1.el7_9.2", "product_name": "Red Hat Enterprise Linux 7 Extended Lifecycle Support", "release_date": "2025-06-24T00:00:00Z"}, {"advisory": "RHSA-2025:9165", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "gimp:2.8-8100020250614205641.4c9c024f", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2025-06-17T00:00:00Z"}, {"advisory": "RHSA-2025:9310", "cpe": "cpe:/a:redhat:rhel_aus:8.2", "package": "gimp:2.8-8020020250618101631.c3a0935b", "product_name": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "release_date": "2025-06-23T00:00:00Z"}, {"advisory": "RHSA-2025:9308", "cpe": "cpe:/a:redhat:rhel_aus:8.4", "package": "gimp:2.8-8040020250618100956.70584597", "product_name": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "release_date": "2025-06-23T00:00:00Z"}, {"advisory": "RHSA-2025:9309", "cpe": "cpe:/a:redhat:rhel_aus:8.6", "package": "gimp:2.8-8060020250618100419.6af1eaf0", "product_name": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support", "release_date": "2025-06-23T00:00:00Z"}, {"advisory": "RHSA-2025:9309", "cpe": "cpe:/a:redhat:rhel_tus:8.6", "package": "gimp:2.8-8060020250618100419.6af1eaf0", "product_name": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service", "release_date": "2025-06-23T00:00:00Z"}, {"advisory": "RHSA-2025:9309", "cpe": "cpe:/a:redhat:rhel_e4s:8.6", "package": "gimp:2.8-8060020250618100419.6af1eaf0", "product_name": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions", "release_date": "2025-06-23T00:00:00Z"}, {"advisory": "RHSA-2025:9569", "cpe": "cpe:/a:redhat:rhel_tus:8.8", "package": "gimp:2.8-8080020250623120629.0621e4ee", "product_name": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service", "release_date": "2025-06-24T00:00:00Z"}, {"advisory": "RHSA-2025:9569", "cpe": "cpe:/a:redhat:rhel_e4s:8.8", "package": "gimp:2.8-8080020250623120629.0621e4ee", "product_name": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions", "release_date": "2025-06-24T00:00:00Z"}, {"advisory": "RHSA-2025:9162", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "gimp-2:2.99.8-4.el9_6.2", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2025-06-17T00:00:00Z"}, {"advisory": "RHSA-2025:9315", "cpe": "cpe:/a:redhat:rhel_e4s:9.0", "package": "gimp-2:2.99.8-3.el9_0.1", "product_name": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "release_date": "2025-06-23T00:00:00Z"}, {"advisory": "RHSA-2025:9314", "cpe": "cpe:/a:redhat:rhel_e4s:9.2", "package": "gimp-2:2.99.8-4.el9_2.1", "product_name": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions", "release_date": "2025-06-23T00:00:00Z"}, {"advisory": "RHSA-2025:9316", "cpe": "cpe:/a:redhat:rhel_eus:9.4", "package": "gimp-2:2.99.8-4.el9_4.1", "product_name": "Red Hat Enterprise Linux 9.4 Extended Update Support", "release_date": "2025-06-23T00:00:00Z"}], "bugzilla": {"description": "gimp: Multiple use after free in XCF parser", "id": "2368557", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368557"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.3", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-416", "details": ["A flaw was found in GIMP when processing XCF image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing use-after-free issues.", "A flaw was found in GIMP when processing XCF image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing use-after-free issues."], "mitigation": {"lang": "en:us", "value": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability."}, "name": "CVE-2025-48798", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "gimp", "product_name": "Red Hat Enterprise Linux 6"}], "public_date": "2025-05-26T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-48798\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-48798"], "statement": "This vulnerability in GIMP's XCF parser marked as Important rather than Moderate due to the nature and impact of the underlying memory management flaws\u2014specifically, use-after-free and double-free conditions. These are not just stability issues; they are well-known, high-severity primitives that attackers often exploit to achieve arbitrary code execution. Given that GIMP is a widely used graphics application and image files are routinely exchanged, the attack vector is easily accessible and plausible through social engineering (e.g., email attachments or file downloads). Furthermore, such vulnerabilities occur during file parsing\u2014a stage often executed automatically upon file open\u2014minimizing user interaction and maximizing the risk.", "threat_severity": "Important"}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Exploitation none

Automatable no

Technical Impact total

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object