
Memory Leak in GDCM Medical Imaging Parser Enables Remote Denial of Service

A memory leak vulnerability in Grassroots DICOM (GDCM) 3.2.2 allows remote attackers to trigger denial-of-service conditions by submitting specially crafted DICOM files. This affects healthcare systems that rely on GDCM for medical image processing.

Sebastion

CVE References

CVE-2026-3650

Affected

Grassroots DICOM (GDCM) 3.2.2

Assessment

This vulnerability represents a class of risks endemic to legacy medical device software: improper memory management in parsers that process untrusted input. GDCM is widely deployed in healthcare IT infrastructure, from PACS systems to diagnostic workstations, making it a strategically relevant attack surface despite the apparent simplicity of the flaw.

Technical Details

The vulnerability is classified as CWE-459 (Missing Release of Memory after Effective Lifetime): a memory leak triggered during DICOM file parsing. An attacker crafting a malicious DICOM file can force the parser into a state where allocated memory is never freed, so the hosting application gradually exhausts available memory and crashes. Since DICOM is a binary format with complex, nested structures, exploitation likely requires minimal sophistication: fuzzing or targeted manipulation of image property tags could reliably trigger the leak. The CVSS v3 score of 7.5 (high) reflects that the flaw is reachable remotely and that its practical impact is on availability.

Healthcare Impact

GDCM is foundational to medical imaging workflows. A denial-of-service condition affecting a PACS server, diagnostic viewer, or image processing pipeline can delay or prevent clinical decision-making. In acute care settings, this can cascade into operational failures. The vulnerability is not isolated to a single vendor; GDCM is used across open-source and commercial medical applications, meaning the blast radius is organizationally distributed and difficult to quantify.

Defender Guidance

Organizations should immediately patch GDCM to a version that fixes CVE-2026-3650 (version not specified in advisory; check vendor release notes). In the interim, implement input validation and file pre-screening at PACS gateways, restrict file upload capabilities to authenticated users only, and monitor for memory exhaustion or application crashes correlated with DICOM import activity. Consider deploying network-level rate limits on DICOM protocol traffic and segmenting medical imaging systems from general IT infrastructure.
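The gateway pre-screening, crash monitoring and resource limits recommended above (and in Broader Implications below) can be combined into a small ingest wrapper. The following is an added example, not GDCM project code: it assumes a Linux host (resource.RLIMIT_AS and preexec_fn) and uses the Python interpreter as a stand-in for the parser process; in production the command would be a real tool such as GDCM's gdcmdump, and the size cap is an assumed gateway policy.

```python
"""DICOM gateway pre-screen plus resource-limited parsing (added example, not GDCM code).
Assumes Linux (resource.RLIMIT_AS, preexec_fn). The parser command is a placeholder
for a real tool such as GDCM's gdcmdump, run as a child process."""
import resource
import subprocess
import sys
from dataclasses import dataclass

PREAMBLE_LEN = 128                      # Part 10: 128-byte preamble, then "DICM" magic
MAGIC = b"DICM"
MAX_UPLOAD_BYTES = 512 * 1024 * 1024    # per-object size cap (assumed gateway policy)
PYTHON = sys.executable                 # stands in for the parser binary in the demo
# Constructed sample: preamble, magic, start of the File Meta group (not a real image)
SAMPLE = b"\x00" * PREAMBLE_LEN + MAGIC + b"\x02\x00\x00\x00UL\x04\x00"

def prescreen(data: bytes, max_bytes: int = MAX_UPLOAD_BYTES) -> tuple[bool, str]:
    """Cheap structural checks so the parser only sees plausible Part 10 objects.
    Caveat: raw DICOM streams without a preamble would be rejected by this check."""
    if not data:
        return False, "empty file"
    if len(data) > max_bytes:
        return False, f"exceeds size cap ({len(data)} > {max_bytes} bytes)"
    if len(data) < PREAMBLE_LEN + len(MAGIC):
        return False, "too short for a Part 10 header"
    if data[PREAMBLE_LEN:PREAMBLE_LEN + len(MAGIC)] != MAGIC:
        return False, "missing DICM magic at offset 128"
    return True, "ok"

@dataclass
class ParseOutcome:
    ok: bool
    detail: str

def parse_with_limits(cmd: list[str], max_as_bytes: int, timeout_s: float) -> ParseOutcome:
    """Run the parser as a child with an address-space cap and a wall-clock timeout.
    A leak then exhausts only the child's budget, and the failure becomes a loggable event."""
    def _apply_limits() -> None:
        resource.setrlimit(resource.RLIMIT_AS, (max_as_bytes, max_as_bytes))

    try:
        proc = subprocess.run(cmd, preexec_fn=_apply_limits, timeout=timeout_s,
                              capture_output=True)
    except subprocess.TimeoutExpired:
        return ParseOutcome(False, f"parser timed out after {timeout_s}s")
    if proc.returncode != 0:
        return ParseOutcome(False, f"parser exited {proc.returncode}; possible memory exhaustion")
    return ParseOutcome(True, "parsed within limits")
```

A child that tries to allocate far more than the cap fails with a non-zero exit while the gateway process itself stays up, which is the signal to feed into the crash and memory-exhaustion monitoring described above.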

Broader Implications

This advisory highlights the risk profile of aging, open-source medical software that supports critical infrastructure. GDCM receives community contributions but lacks the formal secure development lifecycle (SDL) processes of enterprise vendors. As healthcare systems modernize imaging workflows, legacy parsers like GDCM remain in use, creating persistent vulnerability exposure. The shift toward cloud-based PACS and containerized medical services may amplify this risk if GDCM is deployed without input sandboxing or resource limits.