Linux Distros Unpatched Vulnerability : CVE-2023-44444

🗓️ 21 Aug 2025 00:00:00Reported by TenableType

GIMP PSP file parsing off-by-one remote code execution CVE-2023-44444; needs user action; unpatched.

Reporter	Title	Published	Views	Family All 159
Amazon	Low: gimp	22 Jul 202500:00	–	amazon
Tenable Nessus	Alibaba Cloud Linux 3 : 0025: gimp:2.8 (ALINUX3-SA-2024:0025)	14 May 202500:00	–	nessus
Tenable Nessus	AlmaLinux 9 : gimp (ALSA-2024:0675)	10 Feb 202400:00	–	nessus
Tenable Nessus	AlmaLinux 8 : gimp:2.8 (ALSA-2024:0861)	22 Feb 202400:00	–	nessus
Tenable Nessus	AlmaLinux 8 : gimp:2.8 (ALSA-2025:0746)	29 Jan 202500:00	–	nessus
Tenable Nessus	AlmaLinux 9 : gimp (ALSA-2025:3617)	7 Apr 202500:00	–	nessus
Tenable Nessus	Debian dla-3659 : gimp - security update	21 Nov 202300:00	–	nessus
Tenable Nessus	Debian DSA-5564-1 : gimp - security update	25 Nov 202300:00	–	nessus
Tenable Nessus	GLSA-202501-02 : GIMP: Multiple Vulnerabilities	17 Jan 202500:00	–	nessus
Tenable Nessus	MiracleLinux 9 : gimp-2.99.8-4.el9_3 (AXSA:2024-7511:01)	20 Jan 202600:00	–	nessus

Source	Link
ubuntu	www.ubuntu.com/security/CVE-2023-44444
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(253158);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2025/08/21");

  script_cve_id("CVE-2023-44444");

  script_name(english:"Linux Distros Unpatched Vulnerability : CVE-2023-44444");

  script_set_attribute(attribute:"synopsis", value:
"The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be
patched.");
  script_set_attribute(attribute:"description", value:
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied
patch available.

  - GIMP PSP File Parsing Off-By-One Remote Code Execution Vulnerability. This vulnerability allows remote
    attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to
    exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The
    specific flaw exists within the parsing of PSP files. Crafted data in a PSP file can trigger an off-by-one
    error when calculating a location to write within a heap-based buffer. An attacker can leverage this
    vulnerability to execute code in the context of the current process. . Was ZDI-CAN-22097. (CVE-2023-44444)

Note that Nessus relies on the presence of the package as reported by the vendor.");
  script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/CVE-2023-44444");
  script_set_attribute(attribute:"solution", value:
"There is no known solution at this time.");
  script_set_attribute(attribute:"agent", value:"unix");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-44444");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_set_attribute(attribute:"vendor_unpatched", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2023/11/21");
  script_set_attribute(attribute:"plugin_publication_date", value:"2025/08/21");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:16.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:18.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:gimp");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2025 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info2.nasl", "set_linux_os_id.nasl");
  script_require_keys("Host/cpu", "Host/local_checks_enabled", "global_settings/vendor_unpatched", "Host/OS/identifier");
  script_require_ports("Host/OS/Ubuntu Linux-16.04", "Host/OS/Ubuntu Linux-18.04");

  exit(0);
}

if (!get_kb_item("global_settings/vendor_unpatched")) exit(0, "Unpatched Vulnerabilities Detection not active.");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (empty_or_null(get_one_kb_item("Host/Debian/dpkg-l"))) audit(AUDIT_PACKAGE_LIST_MISSING);

include('linux_unpatched.inc');

var distro_constraints_array = {
  "Ubuntu Linux-16.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "16.04",
        "pkgs": [
          {"reference": "gimp"}
        ]
      }
    ]
  },
  "Ubuntu Linux-18.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "18.04",
        "pkgs": [
          {"reference": "gimp"}
        ]
      }
    ]
  }
};

var distro_constraints_values = linux_unpatched::get_distro_constraints(distro_constraints_arr:distro_constraints_array);
if (empty_or_null(distro_constraints_values)) audit(AUDIT_HOST_NOT, 'affected');
var report = linux_unpatched::check_unpatched_constraints(distro_constraints_values:distro_constraints_values);

if (!empty_or_null(report))
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : report
  );
  exit(0);
}
else
{
  audit(AUDIT_HOST_NOT, 'affected');
}

21 Aug 2025 00:00Current

7.7High risk

Vulners AI Score7.7

CVSS 37.8

EPSS0.49605

SSVC

psp file parsing; off by one; remote code execution; vulnerability 2023-44444; unpatched software