Описание
Security update for ImageMagick
This update for ImageMagick fixes the following issues:
- CVE-2025-55004: Fixed heap buffer over-read in in ReadOneMNGIMage when processing images with separate alpha channels (bsc#1248076).
- CVE-2025-55005: Fixed heap buffer overflow when transforming from Log to sRGB colorspaces (bsc#1248077).
- CVE-2025-55154: Fixed integer overflow when performing magnified size calculations in ReadOneMNGIMage can lead to out-of-bounds write (bsc#1248078).
- CVE-2025-55160: Fixed undefined behavior due to function-type-mismatch in CloneSplayTree (bsc#1248079).
- CVE-2025-55212: Fixed division-by-zero in ThumbnailImage() when passing a geometry string containing only a colon to
montage -geometry(bsc#1248767). - CVE-2025-55298: Fixed heap overflow due to format string bug vulnerability (bsc#1248780).
- CVE-2025-57803: Fixed heap out-of-bounds (OOB) write due to 32-bit integer overflow (bsc#1248784).
Список пакетов
SUSE Linux Enterprise Module for Desktop Applications 15 SP7
SUSE Linux Enterprise Module for Development Tools 15 SP7
Ссылки
- Link for SUSE-SU-2025:03113-1
- E-Mail link for SUSE-SU-2025:03113-1
- SUSE Security Ratings
- SUSE Bug 1248076
- SUSE Bug 1248077
- SUSE Bug 1248078
- SUSE Bug 1248079
- SUSE Bug 1248767
- SUSE Bug 1248780
- SUSE Bug 1248784
- SUSE CVE CVE-2025-55004 page
- SUSE CVE CVE-2025-55005 page
- SUSE CVE CVE-2025-55154 page
- SUSE CVE CVE-2025-55160 page
- SUSE CVE CVE-2025-55212 page
- SUSE CVE CVE-2025-55298 page
- SUSE CVE CVE-2025-57803 page
Описание
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-1, ImageMagick is vulnerable to heap-buffer overflow read around the handling of images with separate alpha channels when performing image magnification in ReadOneMNGIMage. This can likely be used to leak subsequent memory contents into the output image. This issue has been patched in version 7.1.2-1.
Затронутые продукты
Ссылки
- CVE-2025-55004
- SUSE Bug 1248076
Описание
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-1, when preparing to transform from Log to sRGB colorspaces, the logmap construction fails to handle cases where the reference-black or reference-white value is larger than 1024. This leads to corrupting memory beyond the end of the allocated logmap buffer. This issue has been patched in version 7.1.2-1.
Затронутые продукты
Ссылки
- CVE-2025-55005
- SUSE Bug 1248077
Описание
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-27 and 7.1.2-1, the magnified size calculations in ReadOneMNGIMage (in coders/png.c) are unsafe and can overflow, leading to memory corruption. This issue has been patched in versions 6.9.13-27 and 7.1.2-1.
Затронутые продукты
Ссылки
- CVE-2025-55154
- SUSE Bug 1248078
Описание
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-27 and 7.1.2-1, there is undefined behavior (function-type-mismatch) in splay tree cloning callback. This results in a deterministic abort under UBSan (DoS in sanitizer builds), with no crash in a non-sanitized build. This issue has been patched in versions 6.9.13-27 and 7.1.2-1.
Затронутые продукты
Ссылки
- CVE-2025-55160
- SUSE Bug 1248079
Описание
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-28 and 7.1.2-2, passing a geometry string containing only a colon (":") to montage -geometry leads GetGeometry() to set width/height to 0. Later, ThumbnailImage() divides by these zero dimensions, triggering a crash (SIGFPE/abort), resulting in a denial of service. This issue has been patched in versions 6.9.13-28 and 7.1.2-2.
Затронутые продукты
Ссылки
- CVE-2025-55212
- SUSE Bug 1248767
Описание
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to ImageMagick versions 6.9.13-28 and 7.1.2-2, a format string bug vulnerability exists in InterpretImageFilename function where user input is directly passed to FormatLocaleString without proper sanitization. An attacker can overwrite arbitrary memory regions, enabling a wide range of attacks from heap overflow to remote code execution. This issue has been patched in versions 6.9.13-28 and 7.1.2-2.
Затронутые продукты
Ссылки
- CVE-2025-55298
- SUSE Bug 1248780
Описание
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-28 and 7.1.2-2 for ImageMagick's 32-bit build, a 32-bit integer overflow in the BMP encoder's scanline-stride computation collapses bytes_per_line (stride) to a tiny value while the per-row writer still emits 3 × width bytes for 24-bpp images. The row base pointer advances using the (overflowed) stride, so the first row immediately writes past its slot and into adjacent heap memory with attacker-controlled bytes. This is a classic, powerful primitive for heap corruption in common auto-convert pipelines. This issue has been patched in versions 6.9.13-28 and 7.1.2-2.
Затронутые продукты
Ссылки
- CVE-2025-57803
- SUSE Bug 1248784