Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2025:3956-1

Опубликовано: 05 нояб. 2025
Источник: suse-cvrf

Описание

Security update for ImageMagick

This update for ImageMagick fixes the following issues:

  • CVE-2025-62594: Fixed unsigned underflow and division-by-zero that can lead to OOB pointer arithmetic and process crash. (bsc#1252749)

Список пакетов

SUSE Linux Enterprise Module for Desktop Applications 15 SP7
ImageMagick-7.1.1.43-150700.3.22.1
ImageMagick-config-7-SUSE-7.1.1.43-150700.3.22.1
ImageMagick-config-7-upstream-limited-7.1.1.43-150700.3.22.1
ImageMagick-config-7-upstream-open-7.1.1.43-150700.3.22.1
ImageMagick-config-7-upstream-secure-7.1.1.43-150700.3.22.1
ImageMagick-config-7-upstream-websafe-7.1.1.43-150700.3.22.1
ImageMagick-devel-7.1.1.43-150700.3.22.1
libMagick++-7_Q16HDRI5-7.1.1.43-150700.3.22.1
libMagick++-devel-7.1.1.43-150700.3.22.1
libMagickCore-7_Q16HDRI10-7.1.1.43-150700.3.22.1
libMagickWand-7_Q16HDRI10-7.1.1.43-150700.3.22.1
SUSE Linux Enterprise Module for Development Tools 15 SP7
perl-PerlMagick-7.1.1.43-150700.3.22.1

Ссылки

Описание

ImageMagick is a software suite to create, edit, compose, or convert bitmap images. ImageMagick versions prior to 7.1.2-8 are vulnerable to denial-of-service due to unsigned integer underflow and division-by-zero in the CLAHEImage function. When tile width or height is zero, unsigned underflow occurs in pointer arithmetic, leading to out-of-bounds memory access, and division-by-zero causes immediate crashes. This issue has been patched in version 7.1.2-8.

Затронутые продукты
SUSE Linux Enterprise Module for Desktop Applications 15 SP7:ImageMagick-7.1.1.43-150700.3.22.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP7:ImageMagick-config-7-SUSE-7.1.1.43-150700.3.22.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP7:ImageMagick-config-7-upstream-limited-7.1.1.43-150700.3.22.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP7:ImageMagick-config-7-upstream-open-7.1.1.43-150700.3.22.1
Ссылки
Уязвимость SUSE-SU-2025:3956-1