Headline
CVE-2022-32990: Trigger a unhandled exception in GIMP 2.10.30 (#8230) · Issues · GNOME / GIMP
An issue in gimp_layer_invalidate_boundary of GNOME GIMP 2.10.30 allows attackers to trigger an unhandled exception via a crafted XCF file, causing a Denial of Service (DoS).
GNU Image Manipulation Program version 2.10.30
git-describe: Unknown, shouldn't happen
Build: org.gimp.GIMP_official rev 0 for windows
# C compiler #
Using built-in specs.
COLLECT_GCC=W:\msys64-gtk2\mingw64\bin\gcc.exe
COLLECT_LTO_WRAPPER=W:/msys64-gtk2/mingw64/bin/../lib/gcc/x86_64-w64-mingw32/11.2.0/lto-wrapper.exe
Target: x86_64-w64-mingw32
Configured with: ../gcc-11.2.0/configure --prefix=/mingw64 --with-local-prefix=/mingw64/local --build=x86_64-w64-mingw32 --host=x86_64-w64-mingw32 --target=x86_64-w64-mingw32 --with-native-system-header-dir=/mingw64/x86_64-w64-mingw32/include --libexecdir=/mingw64/lib --enable-bootstrap --enable-checking=release --with-arch=x86-64 --with-tune=generic --enable-languages=c,lto,c++,fortran,ada,objc,obj-c++,jit --enable-shared --enable-static --enable-libatomic --enable-threads=posix --enable-graphite --enable-fully-dynamic-string --enable-libstdcxx-filesystem-ts --enable-libstdcxx-time --disable-libstdcxx-pch --disable-libstdcxx-debug --enable-lto --enable-libgomp --disable-multilib --disable-rpath --disable-win32-registry --disable-nls --disable-werror --disable-symvers --with-libiconv --with-system-zlib --with-gmp=/mingw64 --with-mpfr=/mingw64 --with-mpc=/mingw64 --with-isl=/mingw64 --with-pkgversion='Rev5, Built by MSYS2 project' --with-bugurl=https://github.com/msys2/MINGW-packages/issues --with-gnu-as --with-gnu-ld --with-boot-ldflags='-pipe -Wl,--dynamicbase,--high-entropy-va,--nxcompat,--default-image-base-high -Wl,--disable-dynamicbase -static-libstdc++ -static-libgcc' 'LDFLAGS_FOR_TARGET=-pipe -Wl,--dynamicbase,--high-entropy-va,--nxcompat,--default-image-base-high' --enable-linker-plugin-flags='LDFLAGS=-static-libstdc++\ -static-libgcc\ -pipe\ -Wl,--dynamicbase,--high-entropy-va,--nxcompat,--default-image-base-high\ -Wl,--stack,12582912'
Thread model: posix
Supported LTO compression algorithms: zlib zstd
gcc version 11.2.0 (Rev5, Built by MSYS2 project)
# Libraries #
using babl version 0.1.88 (compiled against version 0.1.88)
using GEGL version 0.4.34 (compiled against version 0.4.34)
using GLib version 2.70.2 (compiled against version 2.70.2)
using GdkPixbuf version 2.42.6 (compiled against version 2.42.6)
using GTK+ version 2.24.33 (compiled against version 2.24.33)
using Pango version 1.50.2 (compiled against version 1.50.2)
using Fontconfig version 2.13.94 (compiled against version 2.13.94)
using Cairo version 1.17.4 (compiled against version 1.17.4)
-------------------
Error occurred on Friday, June 3, 2022 at 15:37:43.
gimp-2.10.exe caused an Access Violation at location 00007FF692DE9E5C in module gimp-2.10.exe Writing to location 000000000000008C.
AddrPC Params
00007FF692DE9E5C 000001C7F701D540 00007FF692DB3D5F 000001C700000000 gimp-2.10.exe!gimp_tool_cursors_get_resource
00007FF692DB55A4 000001C7F5B001D0 0000007EBE1FEE90 000001C700000000 gimp-2.10.exe!gimp_tool_cursors_get_resource
00007FF692DB6B74 0000007EBE1FEF52 00007FF6931F7610 0000000000000000 gimp-2.10.exe!gimp_tool_cursors_get_resource
00007FF692C83BCF 000001C7EBD2D290 00007FFBB6D653A6 0000000000000000 gimp-2.10.exe!gimp_tool_cursors_get_resource
00007FF692C7F340 000001C7EBDC8310 000001C7F663A430 000001C7B1B27370 gimp-2.10.exe!gimp_tool_cursors_get_resource
00007FF692C7F4F9 000001C7EBDC8810 000001C7F4594560 0000000000000001 gimp-2.10.exe!gimp_tool_cursors_get_resource
00007FF692D21BE0 000001C7EBEC7240 000001C7EBEF50B0 000001C700000003 gimp-2.10.exe!gimp_tool_cursors_get_resource
00007FF692D14FF9 0000000000000003 00007FF692D14AF4 0000000000000000 gimp-2.10.exe!gimp_tool_cursors_get_resource
00007FF692D0E43C 0000000000000000 0000000000000020 000001C7F7156780 gimp-2.10.exe!gimp_tool_cursors_get_resource
00007FF692D0E8B7 000001C7EBE70C80 000001C7EBECA230 000001C7F663A430 gimp-2.10.exe!gimp_tool_cursors_get_resource
00007FF692E304A4 0000000000000000 0000000000000000 000001C7F663A430 gimp-2.10.exe!gimp_core_pixbufs_get_resource
00007FF692DDA679 000001C7EBD2D290 0000000000000000 0000000000000000 gimp-2.10.exe!gimp_tool_cursors_get_resource
00007FF692DDA785 000001C7F7021760 000001C7F7043F10 000001C7F65BC168 gimp-2.10.exe!gimp_tool_cursors_get_resource
00007FF692C4AE7C 000001C7B3B79860 00007FFBB6B5BB20 0000000000000000 gimp-2.10.exe!gimp_tool_cursors_get_resource
00007FFBB6B58D47 000001C700000000 0000007EBE1FF688 000001C7B3B26870 libglib-2.0-0.dll!g_clear_list
00007FFBB6B5BEDE 0000000000000000 0000000000000000 000001C7EBD2D290 libglib-2.0-0.dll!g_main_context_check
00007FFBB6B5C3FC 0000000000000000 0000000000000000 0000000000000000 libglib-2.0-0.dll!g_main_loop_run
00007FF692A31A2B 00007FFC2C7093B0 000001C7B1B4E480 000001C7B1C00860 gimp-2.10.exe!0x7ff600001a2b
00007FF692ECF67F 0000000000000000 000001C7B1B50E60 0000000000000000 gimp-2.10.exe!gimp_core_pixbufs_get_resource
00007FF692A313B1 0000000000000000 0000000000000000 0000000000000000 gimp-2.10.exe!0x7ff6000013b1
00007FF692A314C6 0000000000000000 0000000000000000 0000000000000000 gimp-2.10.exe!0x7ff6000014c6
00007FFC2C7054E0 0000000000000000 0000000000000000 0000000000000000 KERNEL32.DLL!BaseThreadInitThunk
00007FFC2E80485B 0000000000000000 0000000000000000 0000000000000000 ntdll.dll!RtlUserThreadStart
gimp-2.10.exe 2.10.30.0
ntdll.dll 10.0.22000.653
KERNEL32.DLL 10.0.22000.675
KERNELBASE.dll 10.0.22000.675
msvcrt.dll 7.0.22000.1
ole32.dll 10.0.22000.120
msvcp_win.dll 10.0.22000.1
ucrtbase.dll 10.0.22000.1
GDI32.dll 10.0.22000.1
win32u.dll 10.0.22000.675
gdi32full.dll 10.0.22000.675
USER32.dll 10.0.22000.282
combase.dll 10.0.22000.653
RPCRT4.dll 10.0.22000.675
SHELL32.dll 10.0.22000.593
libgimpmodule-2.0-0.dll
libgimpcolor-2.0-0.dll
libgimpmath-2.0-0.dll
libgimpconfig-2.0-0.dll
libgimpthumb-2.0-0.dll
libgimpwidgets-2.0-0.dll
libgimpbase-2.0-0.dll
exchndl.dll 0.8.2.0
PSAPI.DLL 10.0.22000.1
libbabl-0.1-0.dll
libcairo-2.dll
dbghelp.dll 6.3.9600.17298
libfontconfig-1.dll
libgdk_pixbuf-2.0-0.dll 2.42.6.0
libfreetype-6.dll 2.11.1.0
ADVAPI32.dll 10.0.22000.653
sechost.dll 10.0.22000.556
libgexiv2-2.dll
libgio-2.0-0.dll 2.70.2.0
libgobject-2.0-0.dll 2.70.2.0
libglib-2.0-0.dll 2.70.2.0
SHLWAPI.dll 10.0.22000.1
WS2_32.dll 10.0.22000.1
libharfbuzz-0.dll
libintl-8.dll 0.19.8.0
libjson-glib-1.0-0.dll
liblcms2-2.dll
libmypaint-0.dll
libpangoft2-1.0-0.dll 1.50.2.0
libpango-1.0-0.dll 1.50.2.0
libpangocairo-1.0-0.dll 1.50.2.0
zlib1.dll
libgdk-win32-2.0-0.dll 2.24.33.0
libgegl-0.4-0.dll
libgegl-npd-0.4.dll
libgtk-win32-2.0-0.dll 2.24.33.0
IMM32.dll 10.0.22000.1
libgmodule-2.0-0.dll 2.70.2.0
mscms.dll 10.0.22000.469
comdlg32.dll 10.0.22000.527
VERSION.dll 10.0.22000.1
shcore.dll 10.0.22000.613
MSIMG32.dll 10.0.22000.1
mgwhelp.dll 0.8.2.0
libgcc_s_seh-1.dll
libpixman-1-0.dll
libexpat-1.dll
libpng16-16.dll
libiconv-2.dll 1.16.0.0
gdiplus.dll 10.0.22000.675
libbz2-1.dll
libbrotlidec.dll
libstdc++-6.dll
libffi-7.dll
DNSAPI.dll 10.0.22000.653
IPHLPAPI.DLL 10.0.22000.282
USP10.dll 10.0.22000.1
libexiv2.dll
libwinpthread-1.dll 1.0.0.0
libpcre-1.dll
libgraphite2.dll
libjson-c-5.dll
libpangowin32-1.0-0.dll 1.50.2.0
libfribidi-0.dll
libthai-0.dll
COMCTL32.dll 5.82.22000.1
bcrypt.dll 10.0.22000.1
cfgmgr32.dll 10.0.22000.1
WINSPOOL.DRV 10.0.22000.675
libatk-1.0-0.dll 2.36.0.0
libbrotlicommon.dll
libcurl-4.dll
CRYPT32.dll 10.0.22000.348
WLDAP32.dll 10.0.22000.675
libdatrie-1.dll
libnghttp2-14.dll
libidn2-0.dll
libcrypto-1_1-x64.dll 1.1.1.12
libpsl-5.dll
libssh2-1.dll
libssl-1_1-x64.dll 1.1.1.12
libzstd.dll
libunistring-2.dll 0.9.10.0
NSI.dll 10.0.22000.1
windows.storage.dll 10.0.22000.675
wintypes.dll 10.0.22000.527
kernel.appcore.dll 10.0.22000.71
bcryptPrimitives.dll 10.0.22000.376
uxtheme.dll 10.0.22000.120
MSCTF.dll 10.0.22000.527
avx2-int8.dll
cairo.dll
CIE.dll
double.dll
fast-float.dll
float.dll
gegl-fixups.dll
gggl-lies.dll
gggl-table-lies.dll
gggl-table.dll
gggl.dll
gimp-8bit.dll
grey.dll
half.dll
HCY.dll
HSL.dll
HSV.dll
naive-CMYK.dll
simple.dll
sse-half.dll
sse2-float.dll
sse2-int16.dll
sse2-int8.dll
sse4-int8.dll
two-table.dll
u16.dll
u32.dll
ycbcr.dll
gegl-core.dll
profapi.dll 10.0.22000.1
OLEAUT32.dll 10.0.22000.1
clbcatq.dll 2001.12.10941.16384
propsys.dll 7.0.22000.37
apphelp.dll 10.0.22000.282
NetworkExplorer.dll 10.0.22000.51
winhttp.dll 10.0.22000.1
exr-load.dll
libIlmImf-2_5.dll
libIex-2_5.dll
libHalf-2_5.dll
libIlmThread-2_5.dll
libImath-2_5.dll
gegl-common-gpl3.dll
gegl-common.dll
gif-load.dll
jp2-load.dll
libjasper-4.dll
libjpeg-8.dll
jpg-load.dll
pdf-load.dll
libpoppler-glib-8.dll
libpoppler-115.dll
nss3.dll 3.73.1.0
libnspr4.dll 4.31.0.0
libplc4.dll 4.31.0.0
smime3.dll 3.73.1.0
libopenjp2-7.dll
libtiff-5.dll
libplds4.dll 4.31.0.0
nssutil3.dll 3.73.1.0
MSWSOCK.dll 10.0.22000.1
WINMM.dll 10.0.22000.1
libjbig-0.dll
libdeflate.dll
libLerc.dll
liblzma-5.dll 5.2.5.0
libwebp-7.dll
pixbuf-load.dll
png-load.dll
ppm-load.dll
raw-load.dll
libraw-20.dll
libgomp-1.dll
rgbe-load.dll
svg-load.dll
librsvg-2-2.dll
libcairo-gobject-2.dll
USERENV.dll 10.0.22000.1
libxml2-2.dll
text.dll
tiff-load.dll
webp-load.dll
exr-save.dll
jpg-save.dll
npy-save.dll
pixbuf-save.dll
png-save.dll
ppm-save.dll
rgbe-save.dll
sdl2-display.dll
SDL2.dll 2.0.18.0
SETUPAPI.dll 10.0.22000.469
tiff-save.dll
webp-save.dll
gegl-common-cxx.dll
lcms-from-profile.dll
npd.dll
path.dll
transformops.dll
vector-stroke.dll
seamless-clone-compose.dll
gegl-generated.dll
matting-levin.dll
libumfpack.dll
libamd.dll
libsuitesparseconfig.dll
libcholmod.dll
libcamd.dll
libccolamd.dll
libmetis.dll
libcolamd.dll
libopenblas.dll
libgfortran-5.dll
libquadmath-0.dll
seamless-clone.dll
libgegl-sc-0.4.dll
libwimp.dll
libpixmap.dll
libpixbufloader-png.dll
libpixbufloader-svg.dll
icm32.dll 10.0.22000.469
textinputframework.dll 10.0.22000.282
CoreMessaging.dll 10.0.22000.71
CoreUIComponents.dll 10.0.22000.132
CRYPTBASE.DLL 10.0.22000.1
PalmInputTSF.dll 2.7.0.1702
ntmarta.dll 10.0.22000.1
AppXDeploymentClient.dll 10.0.22000.469
urlmon.dll 11.0.22000.653
iertutil.dll 11.0.22000.653
netutils.dll 10.0.22000.434
srvcli.dll 10.0.22000.613
TextShaping.dll
Windows.ApplicationModel.dll 10.0.22000.593
mssprxy.dll 7.0.22000.593
mrmcorer.dll 10.0.22000.120
windows.staterepositorycore.dll 10.0.22000.65
windows.staterepositoryclient.dll 10.0.22000.653
bcp47mrm.dll 10.0.22000.65
Windows.UI.dll 10.0.22000.1
CRYPTSP.dll 10.0.22000.1
rsaenh.dll 10.0.22000.282
shfolder.dll 10.0.22000.1
webio.dll 10.0.22000.1
WINNSI.DLL 10.0.22000.1
SspiCli.dll 10.0.22000.556
rasadhlp.dll 10.0.22000.1
fwpuclnt.dll 10.0.22000.593
schannel.DLL 10.0.22000.675
mskeyprotect.dll 10.0.22000.1
NTASN1.dll 10.0.22000.1
ncrypt.dll 10.0.22000.1
ncryptsslp.dll 10.0.22000.1
MSASN1.dll 10.0.22000.1
DPAPI.DLL 10.0.22000.1
comctl32.dll 6.10.22000.120
WindowsCodecs.dll 10.0.22000.653
Windows 10.0.22000
DrMingw 0.8.2Related news
Ubuntu Security Notice USN-6521-1
Ubuntu Security Notice 6521-1 - It was discovered that GIMP incorrectly handled certain image files. If a user were tricked into opening a specially crafted image, an attacker could use this issue to cause GIMP to crash, resulting in a denial of service, or possibly execute arbitrary code.
Red Hat Security Advisory 2022-7978-01
Red Hat Security Advisory 2022-7978-01 - The GIMP is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. Issues addressed include buffer overflow and denial of service vulnerabilities.
RHSA-2022:7978: Red Hat Security Advisory: gimp security and enhancement update
An update for gimp is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-30067: gimp: buffer overflow through a crafted XCF file * CVE-2022-32990: gimp: unhandled exception via a crafted XCF file may lead to DoS