Red Hat Product Errata RHSA-2025:9501 - Security Advisory
Issued:
2025-06-24
Updated:
2025-06-24

RHSA-2025:9501 - Security Advisory

Synopsis

Important: gimp security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for gimp is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The GIMP (GNU Image Manipulation Program) is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo.

Security Fix(es):

  • gimp: Multiple use after free in XCF parser (CVE-2025-48798)
  • gimp: Multiple heap buffer overflows in TGA parser (CVE-2025-48797)
  • gimp: GIMP ICO File Parsing Integer Overflow (CVE-2025-5473)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux Server - Extended Life Cycle Support 7 x86_64
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 7 s390x
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, big endian 7 ppc64
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, little endian 7 ppc64le

Fixes

  • BZ - 2368557 - CVE-2025-48798 gimp: Multiple use after free in XCF parser
  • BZ - 2368558 - CVE-2025-48797 gimp: Multiple heap buffer overflows in TGA parser
  • BZ - 2370867 - CVE-2025-5473 gimp: GIMP ICO File Parsing Integer Overflow

Red Hat Enterprise Linux Server - Extended Life Cycle Support 7

SRPM
gimp-2.8.22-1.el7_9.2.src.rpm SHA-256: 627578c18160eabb5248d8fe3ae42eb3597d67253b9ae8d99bef33385ba30ccc
x86_64
gimp-2.8.22-1.el7_9.2.x86_64.rpm SHA-256: 011c38bcd1de7ae88d5da899f1a89c413030f8682098fa2be1715607bfbaed75
gimp-debuginfo-2.8.22-1.el7_9.2.i686.rpm SHA-256: f70b69737c9161312932f4459e7b8707a831b1d5f1e194b05e95303102ab392e
gimp-debuginfo-2.8.22-1.el7_9.2.i686.rpm SHA-256: f70b69737c9161312932f4459e7b8707a831b1d5f1e194b05e95303102ab392e
gimp-debuginfo-2.8.22-1.el7_9.2.x86_64.rpm SHA-256: b619631ab5014da48b55684d4c9d5f10a0e066127a039ed10c8feac391f033a8
gimp-debuginfo-2.8.22-1.el7_9.2.x86_64.rpm SHA-256: b619631ab5014da48b55684d4c9d5f10a0e066127a039ed10c8feac391f033a8
gimp-devel-2.8.22-1.el7_9.2.i686.rpm SHA-256: 8049250817ed29930370199fa588c3d0f196245d378a6d0388056f9111635b9c
gimp-devel-2.8.22-1.el7_9.2.x86_64.rpm SHA-256: f23c507b748544fbc9d5f0892259275a4474a7610267373e7ce8c90cd0ebfe4e
gimp-devel-tools-2.8.22-1.el7_9.2.x86_64.rpm SHA-256: 47043db8450a6a03b7e46017fbfebe05f0973871f15b2f27dd039d475a9e6581
gimp-libs-2.8.22-1.el7_9.2.i686.rpm SHA-256: e8f00f2a784996b161d929cc078c631751868f7f7ff3311283986b4e0f3ec54d
gimp-libs-2.8.22-1.el7_9.2.x86_64.rpm SHA-256: 17d6187bfea08c7b019a64afc74a3801491261d69662cc908798a3db0ebd9c6e

Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 7

SRPM
gimp-2.8.22-1.el7_9.2.src.rpm SHA-256: 627578c18160eabb5248d8fe3ae42eb3597d67253b9ae8d99bef33385ba30ccc
s390x
gimp-2.8.22-1.el7_9.2.s390x.rpm SHA-256: 4e17f4499c0c86ec8f3c2f9b109e12aa8d0dd484edf343205c0822041c52fb54
gimp-debuginfo-2.8.22-1.el7_9.2.s390x.rpm SHA-256: 0abda6b2463738a99b9423f5305b682e31e05845de244e5b6e9c396e732675b1
gimp-devel-2.8.22-1.el7_9.2.s390x.rpm SHA-256: 382b11aac2f2a5397eb8682b35fcb60bce575822fe3eb7a1c9d1edbeefce486c
gimp-devel-tools-2.8.22-1.el7_9.2.s390x.rpm SHA-256: 6e6ef60bb4f5d51fd9713472e172fa87f1cc10bf22c1f54ae8d46ff5a55b1b3f
gimp-libs-2.8.22-1.el7_9.2.s390x.rpm SHA-256: 111e1aba3751c683f45b9816f6e63fb14902eb88ce141c4ca20a12f717334ba4

Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, big endian 7

SRPM
gimp-2.8.22-1.el7_9.2.src.rpm SHA-256: 627578c18160eabb5248d8fe3ae42eb3597d67253b9ae8d99bef33385ba30ccc
ppc64
gimp-2.8.22-1.el7_9.2.ppc64.rpm SHA-256: cc491cc93d2939500c9d6aa6ffc49387e4a53e7be0824e9e863fbe3017e63c36
gimp-debuginfo-2.8.22-1.el7_9.2.ppc64.rpm SHA-256: 408995854037c666cfda21f307a2058538055263e81181ce14ec1752501d7b2f
gimp-devel-2.8.22-1.el7_9.2.ppc64.rpm SHA-256: 6e700ed820716555ca28256b0bce0221cbea6cb5e1f4bc81015b51b538ddaa14
gimp-devel-tools-2.8.22-1.el7_9.2.ppc64.rpm SHA-256: 56fb9d110d4bab3c710cd14a6cadcd04aa3cd0d6f22dc11b171691f987ab3fa4
gimp-libs-2.8.22-1.el7_9.2.ppc64.rpm SHA-256: a0d0da1bb3bfaa9048eb99c5a71da0e2635f90f0559ebea832cc9bfb052f362f

Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, little endian 7

SRPM
gimp-2.8.22-1.el7_9.2.src.rpm SHA-256: 627578c18160eabb5248d8fe3ae42eb3597d67253b9ae8d99bef33385ba30ccc
ppc64le
gimp-2.8.22-1.el7_9.2.ppc64le.rpm SHA-256: ae0ac1168b603100f1b32df6c0406f47721ce10c1f85aa214fb2ced51c93daea
gimp-debuginfo-2.8.22-1.el7_9.2.ppc64le.rpm SHA-256: 2e671419c57a42a5fa271464db7d5c757a9177dc2162668869ffa948e63c9d31
gimp-debuginfo-2.8.22-1.el7_9.2.ppc64le.rpm SHA-256: 2e671419c57a42a5fa271464db7d5c757a9177dc2162668869ffa948e63c9d31
gimp-devel-2.8.22-1.el7_9.2.ppc64le.rpm SHA-256: 2fecc265d5edc3218070b18372378d0b49dafc8f28eb8a880fdc20341e98f063
gimp-devel-tools-2.8.22-1.el7_9.2.ppc64le.rpm SHA-256: 28858011a8f5c3a2fe6944f4216532b8437bdb1289be6925f3940a5e3d8926ea
gimp-libs-2.8.22-1.el7_9.2.ppc64le.rpm SHA-256: b298167e6725a3b8950a5a0c8db0dca6be153294e4ff54d42ff2a1a9c9242c2d

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.