Описание
Security update for ImageMagick
This update for ImageMagick fixes the following issues:
- CVE-2025-62594: Fixed unsigned underflow and division-by-zero that can lead to OOB pointer arithmetic and process crash. (bsc#1252749)
Список пакетов
SUSE Linux Enterprise Module for Desktop Applications 15 SP6
ImageMagick-config-7-upstream-7.1.0.9-150400.6.51.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP7
ImageMagick-config-7-upstream-7.1.0.9-150400.6.51.1
Ссылки
- Link for SUSE-SU-2025:3985-1
- E-Mail link for SUSE-SU-2025:3985-1
- SUSE Security Ratings
- SUSE Bug 1252749
- SUSE CVE CVE-2025-62594 page
Описание
ImageMagick is a software suite to create, edit, compose, or convert bitmap images. ImageMagick versions prior to 7.1.2-8 are vulnerable to denial-of-service due to unsigned integer underflow and division-by-zero in the CLAHEImage function. When tile width or height is zero, unsigned underflow occurs in pointer arithmetic, leading to out-of-bounds memory access, and division-by-zero causes immediate crashes. This issue has been patched in version 7.1.2-8.
Затронутые продукты
SUSE Linux Enterprise Module for Desktop Applications 15 SP6:ImageMagick-config-7-upstream-7.1.0.9-150400.6.51.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP7:ImageMagick-config-7-upstream-7.1.0.9-150400.6.51.1
Ссылки
- CVE-2025-62594
- SUSE Bug 1252749