Описание
ELSA-2025-16313: ImageMagick security update (IMPORTANT)
[6.9.10.68-7.0.3]
- Security update CVE-2025-57803 [Orabug: 38455460]
[6.9.10.68-7.0.1]
- Fix for CVE-2025-55154 [Orabug: 38417011]
Обновленные пакеты
Oracle Linux 7
Oracle Linux x86_64
ImageMagick
6.9.10.68-7.0.3.el7_9
ImageMagick-c++
6.9.10.68-7.0.3.el7_9
ImageMagick-c++-devel
6.9.10.68-7.0.3.el7_9
ImageMagick-devel
6.9.10.68-7.0.3.el7_9
ImageMagick-doc
6.9.10.68-7.0.3.el7_9
ImageMagick-perl
6.9.10.68-7.0.3.el7_9
Связанные CVE
Связанные уязвимости
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-28 and 7.1.2-2 for ImageMagick's 32-bit build, a 32-bit integer overflow in the BMP encoder’s scanline-stride computation collapses bytes_per_line (stride) to a tiny value while the per-row writer still emits 3 × width bytes for 24-bpp images. The row base pointer advances using the (overflowed) stride, so the first row immediately writes past its slot and into adjacent heap memory with attacker-controlled bytes. This is a classic, powerful primitive for heap corruption in common auto-convert pipelines. This issue has been patched in versions 6.9.13-28 and 7.1.2-2.
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-28 and 7.1.2-2 for ImageMagick's 32-bit build, a 32-bit integer overflow in the BMP encoder’s scanline-stride computation collapses bytes_per_line (stride) to a tiny value while the per-row writer still emits 3 × width bytes for 24-bpp images. The row base pointer advances using the (overflowed) stride, so the first row immediately writes past its slot and into adjacent heap memory with attacker-controlled bytes. This is a classic, powerful primitive for heap corruption in common auto-convert pipelines. This issue has been patched in versions 6.9.13-28 and 7.1.2-2.
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-28 and 7.1.2-2 for ImageMagick's 32-bit build, a 32-bit integer overflow in the BMP encoder’s scanline-stride computation collapses bytes_per_line (stride) to a tiny value while the per-row writer still emits 3 × width bytes for 24-bpp images. The row base pointer advances using the (overflowed) stride, so the first row immediately writes past its slot and into adjacent heap memory with attacker-controlled bytes. This is a classic, powerful primitive for heap corruption in common auto-convert pipelines. This issue has been patched in versions 6.9.13-28 and 7.1.2-2.
ImageMagick is free and open-source software used for editing and mani ...
