A flaw was found in GIMP. The PlayStation TIM loader, responsible for handling PlayStation image files, incorrectly calculates the size of the Color Look-Up Table (CLUT) due to an integer overflow. This occurs when multiplying numcolors and numcluts, both 16-bit unsigned short integers, resulting in a value exceeding the maximum integer limit. An attacker could exploit this by providing a specially crafted image file, leading to undefined behavior and causing the GIMP plug-in to abort, effectively resulting in a denial of service.
{
"binaries": [
{
"binary_name": "gimp",
"binary_version": "3.0.4-6.1"
},
{
"binary_name": "gimp-data",
"binary_version": "3.0.4-6.1"
},
{
"binary_name": "gir1.2-gimp-3.0",
"binary_version": "3.0.4-6.1"
},
{
"binary_name": "libgimp-3.0-0",
"binary_version": "3.0.4-6.1"
},
{
"binary_name": "libgimp-3.0-bin",
"binary_version": "3.0.4-6.1"
}
]
}{
"binaries": [
{
"binary_name": "gimp",
"binary_version": "3.2.2-1"
},
{
"binary_name": "gimp-data",
"binary_version": "3.2.2-1"
},
{
"binary_name": "gir1.2-gimp-3.0",
"binary_version": "3.2.2-1"
},
{
"binary_name": "libgimp-3.0-0",
"binary_version": "3.2.2-1"
},
{
"binary_name": "libgimp-3.0-bin",
"binary_version": "3.2.2-1"
}
]
}