An update for gimp is now available for openEuler-24.03-LTS-SP2 Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2025-2364 Final 1.0 1.0 2025-10-11 Initial 2025-10-11 2025-10-11 openEuler SA Tool V1.0 2025-10-11 gimp security update An update for gimp is now available for openEuler-24.03-LTS-SP2 The GIMP is an image composition and editing program, which can be used for creating logos and other graphics for Web pages. The GIMP offers many tools and filters, and provides a large image manipulation toolbox, including channel operations and layers, effects, subpixel imaging and antialiasing, and conversions, together with multilevel undo. The GIMP offers a scripting facility, but many of the included scripts rely on fonts that we cannot distribute. Security Fix(es): A vulnerability was found in GIMP (Image Processing Software) that has been declared as critical. The CWE definition for the vulnerability is CWE-787 (Out-of-bounds Write). The product writes data past the end, or before the beginning, of the intended buffer. As an impact it is known to affect confidentiality, integrity, and availability. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.(CVE-2025-10920) A critical vulnerability was found in GIMP (Image Processing Software) involving CWE-122 heap-based buffer overflow. Attackers can trigger buffer overflow in heap memory through specially crafted DCM files, impacting confidentiality, integrity, and availability.(CVE-2025-10922) A critical vulnerability was found in GIMP (Image Processing Software). The vulnerability involves CWE-190 integer overflow issue, where the product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control. Impact includes confidentiality, integrity, and availability.(CVE-2025-10923) A vulnerability was found in GIMP (Image Processing Software) (unknown version). It has been classified as critical. CWE is classifying the issue as CWE-190. The product performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control. This is going to have an impact on confidentiality, integrity, and availability. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.(CVE-2025-10924) A critical vulnerability was found in GIMP (Image Processing Software) (affected version not known). The issue is classified as CWE-121 (Stack-based Buffer Overflow). A stack-based buffer overflow condition occurs when the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). This impacts confidentiality, integrity, and availability. Applying a patch can eliminate this problem, and the bugfix is available for download at gitlab.gnome.org.(CVE-2025-10925) An update for gimp is now available for openEuler-24.03-LTS-SP2. openEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. High gimp https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2364 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-10920 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-10922 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-10923 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-10924 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-10925 https://nvd.nist.gov/vuln/detail/CVE-2025-10920 https://nvd.nist.gov/vuln/detail/CVE-2025-10922 https://nvd.nist.gov/vuln/detail/CVE-2025-10923 https://nvd.nist.gov/vuln/detail/CVE-2025-10924 https://nvd.nist.gov/vuln/detail/CVE-2025-10925 openEuler-24.03-LTS-SP2 gimp-3.0.2-4.oe2403sp2.src.rpm gimp-3.0.2-4.oe2403sp2.x86_64.rpm gimp-debuginfo-3.0.2-4.oe2403sp2.x86_64.rpm gimp-debugsource-3.0.2-4.oe2403sp2.x86_64.rpm gimp-devel-3.0.2-4.oe2403sp2.x86_64.rpm gimp-extension-goat-excercises-3.0.2-4.oe2403sp2.x86_64.rpm gimp-libs-3.0.2-4.oe2403sp2.x86_64.rpm gimp-plugin-aa-3.0.2-4.oe2403sp2.x86_64.rpm gimp-plugin-python3-3.0.2-4.oe2403sp2.x86_64.rpm gimp-vala-3.0.2-4.oe2403sp2.x86_64.rpm gimp-3.0.2-4.oe2403sp2.aarch64.rpm gimp-debuginfo-3.0.2-4.oe2403sp2.aarch64.rpm gimp-debugsource-3.0.2-4.oe2403sp2.aarch64.rpm gimp-devel-3.0.2-4.oe2403sp2.aarch64.rpm gimp-extension-goat-excercises-3.0.2-4.oe2403sp2.aarch64.rpm gimp-libs-3.0.2-4.oe2403sp2.aarch64.rpm gimp-plugin-aa-3.0.2-4.oe2403sp2.aarch64.rpm gimp-plugin-python3-3.0.2-4.oe2403sp2.aarch64.rpm gimp-vala-3.0.2-4.oe2403sp2.aarch64.rpm A vulnerability was found in GIMP (Image Processing Software) that has been declared as critical. The CWE definition for the vulnerability is CWE-787 (Out-of-bounds Write). The product writes data past the end, or before the beginning, of the intended buffer. As an impact it is known to affect confidentiality, integrity, and availability. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product. 2025-10-11 CVE-2025-10920 openEuler-24.03-LTS-SP2 High 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H gimp security update 2025-10-11 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2364 A critical vulnerability was found in GIMP (Image Processing Software) involving CWE-122 heap-based buffer overflow. Attackers can trigger buffer overflow in heap memory through specially crafted DCM files, impacting confidentiality, integrity, and availability. 2025-10-11 CVE-2025-10922 openEuler-24.03-LTS-SP2 High 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H gimp security update 2025-10-11 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2364 A critical vulnerability was found in GIMP (Image Processing Software). The vulnerability involves CWE-190 integer overflow issue, where the product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control. Impact includes confidentiality, integrity, and availability. 2025-10-11 CVE-2025-10923 openEuler-24.03-LTS-SP2 High 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H gimp security update 2025-10-11 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2364 A vulnerability was found in GIMP (Image Processing Software) (unknown version). It has been classified as critical. CWE is classifying the issue as CWE-190. The product performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control. This is going to have an impact on confidentiality, integrity, and availability. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product. 2025-10-11 CVE-2025-10924 openEuler-24.03-LTS-SP2 High 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H gimp security update 2025-10-11 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2364 A critical vulnerability was found in GIMP (Image Processing Software) (affected version not known). The issue is classified as CWE-121 (Stack-based Buffer Overflow). A stack-based buffer overflow condition occurs when the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). This impacts confidentiality, integrity, and availability. Applying a patch can eliminate this problem, and the bugfix is available for download at gitlab.gnome.org. 2025-10-11 CVE-2025-10925 openEuler-24.03-LTS-SP2 High 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H gimp security update 2025-10-11 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2364