PatchSiren cyber security CVE debrief
CVE-2026-58384 Red Hat CVE debrief
CVE-2026-58384 is an integer overflow vulnerability in GIMP's PSD parser. The flaw can cause memory corruption, potentially leading to denial of service or code execution. This vulnerability affects users of GIMP, especially those processing PSD files from untrusted sources. The vulnerability has a high severity score of 7.3 and is classified as HIGH. There is currently no information on known ransomware campaign use.
- Vendor
- Red Hat
- Product
- Red Hat Enterprise Linux 6
- CVSS
- HIGH 7.3
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-07
- Original CVE updated
- 2026-07-07
- Advisory published
- 2026-07-07
- Advisory updated
- 2026-07-07
Who should care
Users of GIMP, especially those processing PSD files from untrusted sources, should apply patches promptly. This includes developers, designers, and anyone using GIMP for image processing. The vulnerability has a high severity score and could lead to significant impact if exploited.
Technical summary
An integer overflow in read_RLE_channel() can cause an undersized heap allocation for the RLE row-length table. Subsequent per-row writes can then corrupt heap memory, potentially leading to denial of service or arbitrary code execution. The vulnerability is in GIMP's PSD parser and affects users processing PSD files from untrusted sources, particularly developers, designers, and others using GIMP for image processing. This could lead to significant impact if exploited, emphasizing the need for prompt patching and restricting PSD file processing to trusted sources.
Defensive priority
High priority due to potential for code execution and denial of service
Recommended defensive actions
- Apply patches promptly
- Restrict PSD file processing to trusted sources
- Monitor GIMP updates and security advisories
- Review compensating controls for exposed systems while remediation is scheduled and verified
- Check relevant monitoring, detection, and logs for exposed assets that need extra review
- Track exceptions, retest remediated assets, and close the item only after evidence is documented
- Confirm whether affected product deployments exist in managed environments and assign an owner for follow-up
Evidence notes
The CVE record was published on 2026-07-07T09:16:30.003Z and has not been modified since then. The NVD entry is currently Received. There is limited information available about the vulnerability, and defenders should verify the affected scope and severity with the vendor. The vulnerability is an integer overflow in GIMP's PSD parser, which can cause memory corruption, potentially leading to denial of service or arbitrary code execution.
Official resources
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-07T09:16:30.003Z and has not been modified since then.