CVE-2025-11266
Published 2025-12-12
Priority: P4 · 28 · medium · CVSS 3.1: 6.6 (AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H)
EPSS: 0.12% (2.0th percentile)
An out-of-bounds write vulnerability exists in the Grassroots DICOM library (GDCM). The issue is triggered during parsing of a malformed DICOM file containing encapsulated PixelData fragments (compressed image data stored as multiple fragments). This vulnerability leads to a segmentation fault caused by an out-of-bounds memory access due to unsigned integer underflow in buffer indexing. It is exploitable via file input: simply opening a crafted malicious DICOM file is sufficient to trigger the crash, resulting in a denial-of-service condition.
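The description names the structure (encapsulated PixelData fragments) and the bug class (unsigned underflow in an index) without showing either. The following is an added example, not GDCM's code and not the GDCM fix: a minimal parser for the DICOM encapsulated PixelData item list (Basic Offset Table item, N fragment items, Sequence Delimitation Item), written so that every item length is checked against the bytes remaining before any offset moves, plus the `count - 1` indexing pattern the advisory describes, shown in isolation next to a guarded accessor. The function names, the `fragment_t` type and the three sample buffers are assumptions constructed for the example; the samples are hand-built byte strings, not real files.

```c
/* Added example, not GDCM's code: minimal parser for DICOM encapsulated
 * PixelData (little-endian item list per PS3.5 A.4) with the bounds and
 * fragment-count checks that the advisory's underflow bug class requires.
 * All names below are assumptions made for this example. */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define ITEM_TAG  0xFFFEE000u  /* (FFFE,E000) Item */
#define SEQ_DELIM 0xFFFEE0DDu  /* (FFFE,E0DD) Sequence Delimitation Item */
#define MAX_FRAGS 16

typedef struct { size_t offset; uint32_t length; } fragment_t;

static uint32_t rd16(const uint8_t *p) { return (uint32_t)p[0] | ((uint32_t)p[1] << 8); }
static uint32_t rd32(const uint8_t *p) { return rd16(p) | (rd16(p + 2) << 16); }
/* Tags are stored group-first: bytes FE FF 00 E0 decode to 0xFFFEE000. */
static uint32_t rdtag(const uint8_t *p) { return (rd16(p) << 16) | rd16(p + 2); }

/* Walks the item list, records each fragment's offset and length, and returns
 * the fragment count, or -1 if an item length runs past the buffer or the
 * delimiter is missing. Lengths are compared against len - pos BEFORE pos is
 * advanced, so pos never exceeds len and no unsigned subtraction can wrap. */
int parse_encapsulated(const uint8_t *buf, size_t len, fragment_t *frags, size_t max_frags)
{
    size_t pos = 0, nfrags = 0;
    int seen_bot = 0;
    while (len - pos >= 8) {
        uint32_t tag  = rdtag(buf + pos);
        uint32_t ilen = rd32(buf + pos + 4);
        pos += 8;
        if (tag == SEQ_DELIM) return (int)nfrags;
        if (tag != ITEM_TAG) return -1;                  /* not an item: malformed */
        if (ilen > len - pos) return -1;                 /* item claims more than remains */
        if (!seen_bot) { seen_bot = 1; pos += ilen; continue; } /* Basic Offset Table */
        if (nfrags == max_frags) return -1;
        frags[nfrags].offset = pos;
        frags[nfrags].length = ilen;
        nfrags++;
        pos += ilen;
    }
    return -1; /* buffer ended without a Sequence Delimitation Item */
}

/* The bug class in isolation (illustrative, not GDCM's code): an index computed
 * as count - 1 from an unsigned count of 0 wraps to SIZE_MAX, so frags[count - 1]
 * addresses memory far outside the array and faults. */
size_t wrapped_last_index(size_t nfrags) { return nfrags - 1; }

/* Guarded accessor: refuses an empty fragment list instead of indexing it. */
int last_fragment_length(const fragment_t *frags, size_t nfrags, uint32_t *out)
{
    if (nfrags == 0) return -1;
    *out = frags[nfrags - 1].length;
    return 0;
}

int count_fragments(const uint8_t *buf, size_t len)
{
    fragment_t f[MAX_FRAGS];
    return parse_encapsulated(buf, len, f, MAX_FRAGS);
}

long last_fragment_length_of(const uint8_t *buf, size_t len)
{
    fragment_t f[MAX_FRAGS];
    uint32_t l;
    int n = parse_encapsulated(buf, len, f, MAX_FRAGS);
    if (n < 0 || last_fragment_length(f, (size_t)n, &l) != 0) return -1;
    return (long)l;
}

/* Constructed sample: empty Basic Offset Table, two fragments, delimiter. */
static const uint8_t SAMPLE_OK[] = {
    0xFE,0xFF,0x00,0xE0, 0x00,0x00,0x00,0x00,            /* Item, length 0 (BOT) */
    0xFE,0xFF,0x00,0xE0, 0x04,0x00,0x00,0x00, 1,2,3,4,   /* fragment 1, 4 bytes */
    0xFE,0xFF,0x00,0xE0, 0x02,0x00,0x00,0x00, 5,6,       /* fragment 2, 2 bytes */
    0xFE,0xFF,0xDD,0xE0, 0x00,0x00,0x00,0x00             /* Sequence Delimitation Item */
};
/* Constructed malformed sample: BOT then delimiter, i.e. zero fragments. */
static const uint8_t SAMPLE_NOFRAG[] = {
    0xFE,0xFF,0x00,0xE0, 0x00,0x00,0x00,0x00,
    0xFE,0xFF,0xDD,0xE0, 0x00,0x00,0x00,0x00
};
/* Constructed malformed sample: fragment claims 0x1000 bytes, only 2 follow. */
static const uint8_t SAMPLE_OVERLONG[] = {
    0xFE,0xFF,0x00,0xE0, 0x00,0x00,0x00,0x00,
    0xFE,0xFF,0x00,0xE0, 0x00,0x10,0x00,0x00, 5,6
};

int main(void)
{
    printf("well-formed: %d fragments, last is %ld bytes\n",
           count_fragments(SAMPLE_OK, sizeof SAMPLE_OK),
           last_fragment_length_of(SAMPLE_OK, sizeof SAMPLE_OK));
    printf("zero fragments: count %d, last %ld (rejected by guard)\n",
           count_fragments(SAMPLE_NOFRAG, sizeof SAMPLE_NOFRAG),
           last_fragment_length_of(SAMPLE_NOFRAG, sizeof SAMPLE_NOFRAG));
    printf("overlong fragment: %d (rejected by length check)\n",
           count_fragments(SAMPLE_OVERLONG, sizeof SAMPLE_OVERLONG));
    printf("0 - 1 as size_t: %zu\n", wrapped_last_index(0));
    return 0;
}
```

The zero-fragment sample is the case to keep in mind when reviewing any encapsulated-pixel-data reader: it is syntactically valid item framing, so a parser that only validates tags will accept it, and the first `fragments[count - 1]` afterwards is the out-of-bounds access.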
Affected (4 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | gdcm | < gdcm 3.0.24-8 (forky) | gdcm 3.0.24-8 (forky) |
| grassroots | dicom | <= 3.0.24 | — |
| medinria | medinria | <= 4.0 | — |
| numfocus | simpleitk | <= 2.5.2 | — |
CVSS provenance

| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 3.1 | 6.6 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H |
| nvd | 4.0 | 6.8 | MEDIUM | CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N |
| osv | — | 6.8 | MEDIUM | — |
| vendor_debian | — | 6.8 | MEDIUM | — |
| vendor_redhat | — | 6.8 | MEDIUM | — |
Red Hat
GDCM: Grassroots DICOM (GDCM): Denial of Service via malformed DICOM file parsing
vendor_redhat · 2025-12-12 · CVSS 6.8 · MEDIUM · CWE-787
A flaw was found in the Grassroots DICOM library (GDCM). A remote attacker could exploit an out-of-bounds write vulnerability by tricking a user int
Debian
CVE-2025-11266: gdcm - An out-of-bounds write vulnerability exists in the Grassroots DICOM library (GDC...
vendor_debian · 2025 · CVSS 6.8 · MEDIUM
Scope: local
bookworm: open
bullseye: open
forky: resolved (fixed in 3.0.24-8)
sid: resolved (fixed in 3.0.24-8)
trixie: open
OSV
CVE-2025-11266: An out-of-bounds write vulnerability exists in the Grassroots DICOM library (GDCM)
osv · 2025-12-12 · CVSS 6.8 · MEDIUM
GHSA
GHSA-7qcj-ww2g-7w6j: An out-of-bounds write vulnerability exists in the Grassroots DICOM library (GDCM)
ghsa_unreviewed · 2025-12-12 · MEDIUM · CWE-787
No detection rules found.
No public exploits indexed.
Wiz
CVE-2025-11266 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz · CVSS 6.8 · MEDIUM
Linux Debian vulnerability analysis and mitigation
Source: NVD
Score: 6.8 (CNA score 6.8) · Severity: MEDIUM · Published December 12, 2025
Affected Technologies: Linux Debian
Has Public Exploit: No
Has CISA KEV Explo
Bugzilla
CVE-2025-11266 gdcm: Grassroots DICOM (GDCM): Denial of Service via malformed DICOM file parsing [fedora-42]
bugzilla · 2026-01-13 · CVSS 6.8 · MEDIUM
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's pol