ALSA-2026:4173

The GIMP (GNU Image Manipulation Program) is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo.

Security Fix(es):

• gimp: GIMP: Remote code execution via heap-based buffer overflow in ICNS file parsing (CVE-2026-2047)
• gimp: GIMP: Remote Code Execution via uninitialized memory in PGM file parsing (CVE-2026-2044)
• gimp: GIMP: Remote Code Execution via out-of-bounds write in XWD file parsing (CVE-2026-2045)
• gimp: GIMP: Remote Code Execution via ICO File Parsing Vulnerability (CVE-2026-0797)
• gimp: GIMP: Remote Code Execution via XWD file parsing vulnerability (CVE-2026-2048)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.