Detections
Analytics

openSUSE 16 Security Update : gimp (openSUSE-SU-2026:20055-1)

high Nessus Plugin ID 291313

Synopsis

The remote openSUSE host is missing one or more security updates.

Description

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20055-1 advisory.

 Changes in gimp:

 Update to 3.0.6:

 - Security:

 - During development, we received reports from the Zero Day Initiative of potential security issues with some of our file import plug-ins. While these issues are very unlikely to occur with real files, developers like Jacob Boerema and Alx Sa proactively improved security for those imports.
 The resolved reports are:
 - ZDI-CAN-27793
 - ZDI-CAN-27823
 - ZDI-CAN-27836
 - ZDI-CAN-27878
 - ZDI-CAN-27863
 - ZDI-CAN-27684

 - Core:

 - Many false-positive build warnings have been cleaned out (and proper issues fixed).
 - Various crashes fixed.
 - When creating a layer mask from the layer's alpha, but the layer has no alpha, simply fill the mask with complete opacity instead of a completely transparent layer.
 - Various core infrastructure code reviewed, cleaned up, refactored and improved, in drawable, layer and filter handling code, tree view code, and more.
 - GIMP_ICONS_LIKE_A_BOSS environment variable is not working anymore (because gtk-menu-images and gtk-button-images have been deprecated in GTK3 and removed in GTK4) and was therefore removed.
 - Lock Content now shows as an undo step.
 - Add alpha channel for certain transforms.
 - Add alpha channel on filter merge, when necessary.
 - Filters can now be applied non-destructively on channels.
 - Improved Photoshop brush support.
 - After deleting a palette entry, the next entry is automatically selected. This allows easily deleting several entries in a row, among other usage.
 - Resize image to layers irrespective to selections.
 - Improved in-GUI release notes' demo script language:

 - We can now set a button value to click it: toolbox:text, tool-options:outline=1, tool-options:outline-direction
 - Color selector's module names can be used as identifiers:
 color-editor,color-editor:CMYK=1,color-editor:total-ink-coverage

 - Fixed Alpha to Selection on single layers with no transparency.
 - Various code is slowly ported to newer code, preparing for GTK4 port (in an unplanned future step):

 - Using g_set_str() (optionally redefining it in our core code to avoid bumping the GLib minimum requirement).
 - Start using GListModel in various pieces of code, in particular getting rid of more and more usage of GtkTreeView when possible (as it will be deprecated with GTK4).
 - New GimpRow class for all future row widgets.
 - Use more of G_DECLARE_DERIVABLE_TYPE and G_DECLARE_FINAL_TYPE where relevant.
 - New GimpContainerListView using a GtkListBox.
 - New GimpRowSeparator, GimpRowSettings, GimpRowFilter and GimpRowDrawableFilter widgets.

 - (Experimental) GEX Format was updated.
 - Palette import:

 - Set alpha value for image palette imports.
 - Fix Lab & CMYK ACB palette import.
 - Add palette format filters to import dialog, making it more apparent what palette formats are supported, and giving the ability to hide irrelevant files.

 - Improved filter actions' sensitivity to make sure they are set insensitive when relevant. In particular filters which cannot be run non-destructively (e.g. filters with aux inputs, non-interactive filters and GEGL Graph) must be insensitive when trying to run them on group layers.
 - Fix bad axis centering on zoom out.
 - Export better SVG when exporting paths.

 - Tools:

 - Text tool: make sure the default color is only changed when the user confirms the color change.
 - Foreground Selection tool: do not create a selection when no strokes has been made. In particular this removes the unnecessary delay which happened when switching to another tool without actually stroking anything.
 - All Transform tools: transform boundaries for preview is now multi-layers aware.
 - (Experimental) Seamless Clone tool: made to work again, though it is still too slow to get out of Playground.

 - Graphical User Interface:

 - Various improvements to window management:

 - Keep-Above windows are set with the Utility hint.
 - Utility windows are not made transient to a parent.
 - Transient factory dialogs follow the active display, ensuring that new image windows would not hide your toolbox and dock windows.

 - Various CSS improvements for styling of the interface. Some theme leaks were also fixed.
 - New toggle button in Brushes and Fonts dockable, allowing brush and font previews to optionally follow the color theme.
 For instance, when using a dark theme, the brush and font previews could be drawn on the theme background, using the theme foreground colors. By default, these data previews are still drawn as black on white.
 - Palette grid is now drawn with the theme's background color.
 - Consistent naming patterns on human-facing options (first word only capitalized).
 - About dialog:

 - We will now display the date and time of the last check in a Up to date as of <date> at <time> string, differing from the Last checked on <date> at <time> string. The former will be used to indicate that GIMP is indeed up-to-date whereas the latter when a new version was released and that you should update.
 - We now respect the system time/date format on macOS and Windows.

 - The search popup won't pop up without an image.
 - Better zoom step algorithm for data previews in container popup (e.g. the brush popup in paint Tool Options).
 - Disable animation in the Input Controller, Preferences and Welcome dialogs for stack transition when animation are disabled in system settings.
 - Fixed crosshair hotspot on Windows (crosshair cursor for brushes was offset with a non-100% display scale factor).
 - Debug/CRITICAL dialog:

 - Make sure it is non-modal.
 - Follow the theme mode under Windows.

 - While loading images, all widgets in the file dialog are made insensitive, except for the Cancel button and the progress bar.
 - Both grid and list views can now zoom via scroll and zoom gestures (it used to only work in list views).
 - Pop an error message up on startup when GIO modules to read HTTPS links are not found and that we therefore fail to load the remote gimp_versions.json file. With the AppImage package in particular, we depend on an environment daemon which cannot be shipped in the package. So the next best thing is to warn people and tell them what they should install to get version checks.
 - Welcome dialog:

 - The Community Tutorials link is now shown after the Documentation link.
 - The Learn more link in Release Notes tab leads to the actual release news for this version.

 - Plug-ins:

 - PDF export: do not draw disabled layer masks.
 - Jigsaw: the plug-in can now draw on transparent layers.
 - Various file format fixes and improvements: JPEG 2000 import, TIFF import, DDS import, SVG import, PSP import, FITS export, ICNS import, Dicom import, WBMP import, Farbfeld import, XWD import, ILBM import.
 - Sphere Designer: use spin scale instead of spin entries (the latter is unusable with little horizontal space).
 - Animation Play: frames are shown again in the playback progress bar.
 - Vala Goat Exercise: ignoring C warning in this Vala plug-in as it is generated code and we cannot control it.
 - file-gih: brush pipe selection modes now have nice, translatable names.
 - Metadata viewer: port from GtkTreeView to GtkListBox.
 - File Raw Data: reduce Raw Data load dialogue height by moving to a 2-column layout.
 - SVG import: it is now possible to break aspect ratio with specific width/height arguments, when calling the PDB procedure non-interactively (from other plug-ins).
 - Print: when run through a portal print dialog, the Image Settings will be exposed as a secondary dialog, outputted after the portal dialog, instead of a tab on the main print dialog (because it is not possible to tweak the print dialog when it is created by a portal). This will bring back usable workflow of printing with GIMP when run in a sandbox (e.g.
 Flatpak or Snap).
 - Recompose: fixed for YCbCr decomposed images.
 - Fixed vulnerabilities: ZDI-CAN-27684, ZDI-CAN-27863, ZDI-CAN-27878, ZDI-CAN-27836, ZDI-CAN-27823, ZDI-CAN-27793.
 - C Source and HTML export can now be run non-interactively too (e.g. from other plug-ins).
 - Map Object: fix missing spin boxes.
 - Small Tiles: fix display lag.

 - CVE-2025-10925: Fix GIMP ILBM file parsing stack-based buffer overflow remote code execution vulnerability. (ZDI-25-914, ZDI-CAN-27793, bsc#1250501)

 - CVE-2025-10922: Fix GIMP DCM file parsing heap-based buffer overflow remote code execution vulnerability. (ZDI-25-911, ZDI-CAN-27863, bsc#1250497)

 - CVE-2025-10920: Prevent overflow attack by checking if output >= max, not just output > max. (ZDI-25-909, ZDI-CAN-27684, bsc#1250495)

 - CVE-2025-10924: Fix integer overflow while parsing FF files. (bsc#1250499)

 - CVE-2025-2760: A vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. The specific flaw exists within parsing of XWD files. An integer overflow happens before allocating a buffer. This fixed in GIMP 3.0.0.
 https://www.gimp.org/news/2025/03/16/gimp-3-0-released (bsc#1241690)

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://bugzilla.suse.com/1241690

https://www.suse.com/security/cve/CVE-2025-2760

https://bugzilla.suse.com/1250497

https://www.suse.com/security/cve/CVE-2025-10922

https://bugzilla.suse.com/1250495

https://bugzilla.suse.com/1250499

https://bugzilla.suse.com/1250501

https://www.suse.com/security/cve/CVE-2025-10920

https://www.suse.com/security/cve/CVE-2025-10924

https://www.suse.com/security/cve/CVE-2025-10925

Plugin Details

Severity: High

ID: 291313

File Name: openSUSE-2026-20055-1.nasl

Version: 1.1

Type: local

Agent: unix

Published: 1/18/2026

Updated: 1/18/2026

Supported Sensors: Nessus Agent, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2025-2760

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:novell:opensuse:16.0, p-cpe:/a:novell:opensuse:gimp-extension-goat-excercises, p-cpe:/a:novell:opensuse:libgimp-3_0-0, p-cpe:/a:novell:opensuse:gimp-lang, p-cpe:/a:novell:opensuse:gimp, p-cpe:/a:novell:opensuse:gimp-plugin-aa, p-cpe:/a:novell:opensuse:gimp-vala, p-cpe:/a:novell:opensuse:gimp-plugin-python3, p-cpe:/a:novell:opensuse:gimp-devel, p-cpe:/a:novell:opensuse:libgimpui-3_0-0

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 1/16/2026

Vulnerability Publication Date: 4/23/2025

Reference Information

CVE: CVE-2025-10920, CVE-2025-10922, CVE-2025-10924, CVE-2025-10925, CVE-2025-2760

IAVB: 2025-B-0092-S