Описание
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a stack buffer overflow occurs when processing the an attribute in msl.c. A long value overflows a fixed-size stack buffer, leading to memory corruption. Versions 7.1.2-15 and 6.9.13-40 contain a patch.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| imagemagick | fixed | 8:7.1.2.15+dfsg1-1 | package |
Примечания
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-3mwp-xqp2-q6ph
Fixed by: https://github.com/ImageMagick/ImageMagick/commit/56f02958890b820cf2d0a6ecb04eb6f58ea75628 (7.1.2-14)
Fixed by: https://github.com/ImageMagick/ImageMagick6/commit/b4c37614b6da7695cb4f5b3c6e326a37bdf2b1a9 (6.9.13-39)
for imagemagick6 fix in included in a jumbo security patch with other fix like CVE-2026-25797
EPSS
Связанные уязвимости
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a stack buffer overflow occurs when processing the an attribute in msl.c. A long value overflows a fixed-size stack buffer, leading to memory corruption. Versions 7.1.2-15 and 6.9.13-40 contain a patch.
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a stack buffer overflow occurs when processing the an attribute in msl.c. A long value overflows a fixed-size stack buffer, leading to memory corruption. Versions 7.1.2-15 and 6.9.13-40 contain a patch.
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a stack buffer overflow occurs when processing the an attribute in msl.c. A long value overflows a fixed-size stack buffer, leading to memory corruption. Versions 7.1.2-15 and 6.9.13-40 contain a patch.
ImageMagick: MSL attribute stack buffer overflow leads to out of bounds write.
EPSS