Nixpkgs Security Tracker

Login with GitHub

Details of issue NIXPKGS-2026-0802

NIXPKGS-2026-0802
published on 27 Mar 2026
Permalink CVE-2026-2272
4.3 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): LOW
updated 1 day, 2 hours ago by @LeSuisse Activity log
  • Created automatic suggestion 1 day, 10 hours ago
  • @LeSuisse removed
    28 packages
    • zigimports
    • gimpPlugins.bimp
    • gimpPlugins.gimp
    • gimpPlugins.gmic
    • gimp-with-plugins
    • gimp2Plugins.bimp
    • gimp2Plugins.gimp
    • gimp2Plugins.gmic
    • gimp3Plugins.gimp
    • gimp3Plugins.gmic
    • gimp2-with-plugins
    • gimp3-with-plugins
    • gimpPlugins.fourier
    • gimp2Plugins.fourier
    • gimpPlugins.farbfeld
    • gimp2Plugins.farbfeld
    • gimpPlugins.lightning
    • gimpPlugins.lqrPlugin
    • gimpPlugins.texturize
    • gimp2Plugins.lightning
    • gimp2Plugins.lqrPlugin
    • gimp2Plugins.texturize
    • gimp3Plugins.lightning
    • gimpPlugins.gimplensfun
    • gimp2Plugins.gimplensfun
    • gimpPlugins.resynthesizer
    • gimpPlugins.waveletSharpen
    • gimp2Plugins.waveletSharpen
    1 day, 2 hours ago
  • @LeSuisse accepted 1 day, 2 hours ago
  • @LeSuisse published on GitHub 1 day, 2 hours ago
Gimp: gimp: memory corruption due to integer overflow in ico file handling

A flaw was found in GIMP. An integer overflow vulnerability exists when processing ICO image files, specifically in the `ico_read_info` and `ico_read_icon` functions. This issue arises because a size calculation for image buffers can wrap around due to a 32-bit integer evaluation, allowing oversized image headers to bypass security checks. A remote attacker could exploit this by providing a specially crafted ICO file, leading to a buffer overflow and memory corruption, which may result in an application level denial of service.

References

Affected products

gimp
gimp:2.8/gimp

Matching in nixpkgs

Ignored packages (28)

pkgs.gimpPlugins.lightning

None

  • nixos-unstable -
    • nixpkgs-unstable
    • nixos-unstable-small
  • nixos-25.11 -
    • nixos-25.11-small
    • nixpkgs-25.11-darwin

pkgs.gimp2Plugins.lightning

None

  • nixos-unstable -
    • nixpkgs-unstable
    • nixos-unstable-small
  • nixos-25.11 -
    • nixos-25.11-small
    • nixpkgs-25.11-darwin

Package maintainers

Upstream advisory: https://gitlab.gnome.org/GNOME/gimp/-/issues/15617