Linux Distros Unpatched Vulnerability : CVE-2023-44442

🗓️ 22 Aug 2025 00:00:00Reported by TenableType

GIMP PSD parsing overflow CVE-2023-44442 enables remote code execution; unpatched Linux/Unix.

Reporter	Title	Published	Views	Family All 156
Amazon	Important: gimp	22 Jul 202500:00	–	amazon
Tenable Nessus	Alibaba Cloud Linux 3 : 0025: gimp:2.8 (ALINUX3-SA-2024:0025)	14 May 202500:00	–	nessus
Tenable Nessus	AlmaLinux 9 : gimp (ALSA-2024:0675)	10 Feb 202400:00	–	nessus
Tenable Nessus	AlmaLinux 8 : gimp:2.8 (ALSA-2024:0861)	22 Feb 202400:00	–	nessus
Tenable Nessus	AlmaLinux 8 : gimp:2.8 (ALSA-2025:0746)	29 Jan 202500:00	–	nessus
Tenable Nessus	AlmaLinux 9 : gimp (ALSA-2025:3617)	7 Apr 202500:00	–	nessus
Tenable Nessus	Debian dla-3659 : gimp - security update	21 Nov 202300:00	–	nessus
Tenable Nessus	Debian DSA-5564-1 : gimp - security update	25 Nov 202300:00	–	nessus
Tenable Nessus	GLSA-202501-02 : GIMP: Multiple Vulnerabilities	17 Jan 202500:00	–	nessus
Tenable Nessus	MiracleLinux 9 : gimp-2.99.8-4.el9_3 (AXSA:2024-7511:01)	20 Jan 202600:00	–	nessus

Source	Link
ubuntu	www.ubuntu.com/security/CVE-2023-44442
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(253635);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2025/08/22");

  script_cve_id("CVE-2023-44442");

  script_name(english:"Linux Distros Unpatched Vulnerability : CVE-2023-44442");

  script_set_attribute(attribute:"synopsis", value:
"The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be
patched.");
  script_set_attribute(attribute:"description", value:
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied
patch available.

  - GIMP PSD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability
    allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is
    required to exploit this vulnerability in that the target must visit a malicious page or open a malicious
    file. The specific flaw exists within the parsing of PSD files. The issue results from the lack of proper
    validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can
    leverage this vulnerability to execute arbitrary code in the context of the current process. Was ZDI-
    CAN-22094. (CVE-2023-44442)

Note that Nessus relies on the presence of the package as reported by the vendor.");
  script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/CVE-2023-44442");
  script_set_attribute(attribute:"solution", value:
"There is no known solution at this time.");
  script_set_attribute(attribute:"agent", value:"unix");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-44442");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_set_attribute(attribute:"vendor_unpatched", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2023/11/21");
  script_set_attribute(attribute:"plugin_publication_date", value:"2025/08/22");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:16.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:18.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:gimp");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2025 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info2.nasl", "set_linux_os_id.nasl");
  script_require_keys("Host/cpu", "Host/local_checks_enabled", "global_settings/vendor_unpatched", "Host/OS/identifier");
  script_require_ports("Host/OS/Ubuntu Linux-16.04", "Host/OS/Ubuntu Linux-18.04");

  exit(0);
}

if (!get_kb_item("global_settings/vendor_unpatched")) exit(0, "Unpatched Vulnerabilities Detection not active.");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (empty_or_null(get_one_kb_item("Host/Debian/dpkg-l"))) audit(AUDIT_PACKAGE_LIST_MISSING);

include('linux_unpatched.inc');

var distro_constraints_array = {
  "Ubuntu Linux-18.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "18.04",
        "pkgs": [
          {"reference": "gimp"}
        ]
      }
    ]
  },
  "Ubuntu Linux-16.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "16.04",
        "pkgs": [
          {"reference": "gimp"}
        ]
      }
    ]
  }
};

var distro_constraints_values = linux_unpatched::get_distro_constraints(distro_constraints_arr:distro_constraints_array);
if (empty_or_null(distro_constraints_values)) audit(AUDIT_HOST_NOT, 'affected');
var report = linux_unpatched::check_unpatched_constraints(distro_constraints_values:distro_constraints_values);

if (!empty_or_null(report))
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : report
  );
  exit(0);
}
else
{
  audit(AUDIT_HOST_NOT, 'affected');
}

22 Aug 2025 00:00Current

7.8High risk

Vulners AI Score7.8

CVSS 37.8

EPSS0.58322

SSVC