Описание
Security update for ImageMagick
This update for ImageMagick fixes the following issues:
- CVE-2025-65955: Fixed use-after-free/double-free in ImageMagick (bsc#1254435)
- CVE-2025-66628: Fixed Integer Overflow leading to out of bounds read in ImageMagick (32-bit only) (bsc#1254820)
- CVE-2025-68618: Fixed that reading a malicious SVG file may result in a DoS attack (bsc#1255821)
- CVE-2025-68950: Fixed check for circular references in mvg files may lead to stack overflow (bsc#1255822)
- CVE-2025-69204: Fixed an integer overflow can lead to a DoS attack (bsc#1255823)
Список пакетов
openSUSE Leap 16.0
Ссылки
- SUSE Security Ratings
- SUSE Bug 1254435
- SUSE Bug 1254820
- SUSE Bug 1255821
- SUSE Bug 1255822
- SUSE Bug 1255823
- SUSE CVE CVE-2025-65955 page
- SUSE CVE CVE-2025-66628 page
- SUSE CVE CVE-2025-68618 page
- SUSE CVE CVE-2025-68950 page
- SUSE CVE CVE-2025-69204 page
Описание
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-9 and 6.9.13-34, there is a vulnerability in ImageMagick's Magick++ layer that manifests when Options::fontFamily is invoked with an empty string. Clearing a font family calls RelinquishMagickMemory on _drawInfo->font, freeing the font string but leaving _drawInfo->font pointing to freed memory while _drawInfo->family is set to that (now-invalid) pointer. Any later cleanup or reuse of _drawInfo->font re-frees or dereferences dangling memory. DestroyDrawInfo and other setters (Options::font, Image::font) assume _drawInfo->font remains valid, so destruction or subsequent updates trigger crashes or heap corruption. This vulnerability is fixed in 7.1.2-9 and 6.9.13-34.
Затронутые продукты
Ссылки
- CVE-2025-65955
- SUSE Bug 1254435
Описание
ImageMagick is a software suite to create, edit, compose, or convert bitmap images. In versions 7.1.2-9 and prior, the TIM (PSX TIM) image parser contains a critical integer overflow vulnerability in its ReadTIMImage function (coders/tim.c). The code reads width and height (16-bit values) from the file header and calculates image_size = 2 * width * height without checking for overflow. On 32-bit systems (or where size_t is 32-bit), this calculation can overflow if width and height are large (e.g., 65535), wrapping around to a small value. This results in a small heap allocation via AcquireQuantumMemory and later operations relying on the dimensions can trigger an out of bounds read. This issue is fixed in version 7.1.2-10.
Затронутые продукты
Ссылки
- CVE-2025-66628
- SUSE Bug 1254820
Описание
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, using Magick to read a malicious SVG file resulted in a DoS attack. Version 7.1.2-12 fixes the issue.
Затронутые продукты
Ссылки
- CVE-2025-68618
- SUSE Bug 1255821
Описание
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, Magick fails to check for circular references between two MVGs, leading to a stack overflow. This is a DoS vulnerability, and any situation that allows reading the mvg file will be affected. Version 7.1.2-12 fixes the issue.
Затронутые продукты
Ссылки
- CVE-2025-68950
- SUSE Bug 1255822
Описание
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, in the WriteSVGImage function, using an int variable to store number_attributes caused an integer overflow. This, in turn, triggered a buffer overflow and caused a DoS attack. Version 7.1.2-12 fixes the issue.
Затронутые продукты
Ссылки
- CVE-2025-69204
- SUSE Bug 1255823