CVE-2026-2239 identifies a heap-buffer-overflow vulnerability in the fread_pascal_string function within GIMP on Red Hat Enterprise Linux 7. The vulnerability occurs during the parsing of Photoshop Document (PSD) files, specifically when handling Pascal strings. The allocated buffer for the Pascal string is not properly null-terminated, which leads to an out-of-bounds read when the strlen() function is called subsequently. This improper null termination can cause the application to read beyond the allocated memory buffer, resulting in a heap-buffer-overflow condition. While this flaw does not allow for arbitrary code execution or data corruption, it can cause the GIMP application to crash, leading to an application-level denial of service (DoS). Exploitation requires the victim to open a specially crafted PSD file, meaning user interaction is necessary. The vulnerability requires local privileges with low complexity and does not affect confidentiality or integrity. The CVSS v3.1 base score is 2.8, reflecting its low severity. No known public exploits or active exploitation have been reported. The vulnerability is specific to Red Hat Enterprise Linux 7 environments running GIMP and processing PSD files.

The primary impact of CVE-2026-2239 is an application-level denial of service caused by GIMP crashing when processing malicious PSD files. This can disrupt workflows for users relying on GIMP for image editing, particularly in environments where PSD files are frequently handled. Since the vulnerability requires local access and user interaction, remote exploitation is unlikely. There is no impact on confidentiality or integrity, so data theft or modification is not a concern. However, in multi-user or shared systems, an attacker with low privileges could cause denial of service to other users by triggering the crash. Organizations that use Red Hat Enterprise Linux 7 and GIMP in production or critical environments may experience reduced availability of image processing services. The risk is mitigated by the low severity and the requirement for user action, but it still represents a stability and reliability concern.

To mitigate CVE-2026-2239, organizations should: 1) Apply patches or updates from Red Hat or GIMP maintainers as soon as they become available to ensure the fread_pascal_string function properly null-terminates buffers. 2) Restrict or monitor the opening of PSD files from untrusted or unknown sources, especially in environments where GIMP is used. 3) Employ application whitelisting or sandboxing techniques to limit the impact of crashes and prevent potential escalation. 4) Educate users about the risks of opening untrusted PSD files and encourage cautious handling of image files from external sources. 5) Consider using alternative image processing tools that are not vulnerable if PSD file handling is critical and patching is delayed. 6) Monitor system logs for repeated GIMP crashes that may indicate attempted exploitation. These steps go beyond generic advice by focusing on controlling file sources, user education, and containment strategies.