PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-59089 Red Hat CVE debrief

A flaw was found in GIMP. The PlayStation TIM loader incorrectly calculates the size of the Color Look-Up Table (CLUT) due to an integer overflow. This occurs when multiplying num_colors and num_cluts, both 16-bit unsigned short integers, resulting in a value exceeding the maximum integer limit. An attacker could exploit this by providing a specially crafted image file, leading to undefined behavior and causing the GIMP plug-in to abort, effectively resulting in a denial of service.

Vendor
Red Hat
Product
Red Hat Enterprise Linux 6
CVSS
MEDIUM 5.5
CISA KEV
Not listed in stored evidence
Original CVE published
2026-07-06
Original CVE updated
2026-07-07
Advisory published
2026-07-06
Advisory updated
2026-07-07

Who should care

Users of GIMP who process PlayStation image files should be aware of this vulnerability. Although exploitation leads to a denial of service, the potential for impact should be evaluated based on specific use cases and environments.

Technical summary

The PlayStation TIM loader in GIMP incorrectly handles the calculation of the Color Look-Up Table (CLUT) size. Specifically, an integer overflow occurs when multiplying two 16-bit unsigned short integers (num_colors and num_cluts), leading to a value that exceeds the maximum integer limit. This results in undefined behavior when processing specially crafted image files, causing the GIMP plug-in to abort.

Defensive priority

Medium priority should be given to patching this vulnerability, especially in environments where GIMP is used to process image files from untrusted sources.

Recommended defensive actions

  • Apply the official patch or update GIMP to a version that fixes this vulnerability.
  • Restrict the use of GIMP to trusted image files only.
  • Monitor GIMP logs for abnormal termination of the plug-in, which may indicate exploitation attempts.
  • Perform a thorough review of GIMP configurations and ensure that only necessary plug-ins are enabled.
  • Implement additional monitoring to detect potential exploitation attempts in the environment.
  • Verify that all GIMP users are aware of the vulnerability and its potential impact.
  • Conduct a vulnerability scan to identify any other instances of GIMP that may be vulnerable.

Evidence notes

The CVE record was published on 2026-07-06T20:16:38.433Z and was last modified on 2026-07-07T13:57:07.790Z. The NVD entry is currently Awaiting Analysis. References include Red Hat's security advisory and GIMP's issue tracker.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-06T20:16:38.433Z and has not been modified since then. The NVD entry is currently Awaiting Analysis.