Threat Advisory

Memory Corruption Vulnerabilities Found in ImageMagick

Threat: Vulnerability
Targeted Region: Global
Targeted Sector: Technology & IT
Criticality: High

EXECUTIVE SUMMARY:

A set of security flaws has been identified in ImageMagick, a widely used image manipulation toolkit that supports many web and backend applications. The issues include memory corruption, buffer overflows, and undefined behavior errors that may allow denial-of-service, information leakage, or data corruption in certain scenarios. Four vulnerabilities have been assigned identifiers: CVE-2025-55154 (CVSS 8.8), CVE-2025-55004 (CVSS 7.6), CVE-2025-55005 (CVSS 5.5), and CVE-2025-55160 (CVSS 6.1). These flaws affect versions before 7.1.2-1, with one extending back to legacy versions before 6.9.13-26. Given the critical role of ImageMagick in applications that process user-supplied images, exploitation could lead to serious security risks if not patched.

  • CVE-2025-55154: This high-severity issue arises when processing the “MAGN” chunk of MNG files. Unsafe calculations can overflow during magnification, leading to values smaller than required. The result can be controlled out-of-bounds writes beyond heap boundaries, causing memory corruption. Exploitation requires specially crafted images with very large dimensions. Versions earlier than 7.1.2-1 and 6.9.13-26 are affected. The flaw is patched in 7.1.2-1 and 6.9.13-27.
  • CVE-2025-55004: A heap-buffer overflow occurs when magnifying images with separate alpha channels. The problem happens because the buffer allocation does not match the number of channels after an update mid-process. The copying loop then reads beyond allocated memory, potentially leaking sensitive data into output images. Versions earlier than 7.1.2-0 are impacted, with the fix provided in 7.1.2-1.
  • CVE-2025-55005: This moderate-severity flaw is linked to log colorspace conversions. Due to insufficient bounds checking, a heap-buffer overflow can occur. While exploitation is less severe compared to other vulnerabilities, it still exposes systems to memory issues. The flaw affects versions before 7.1.2-1 and is resolved in the patched release.
  • CVE-2025-55160: This issue is triggered during parsing of minimal inputs under Undefined Behavior Sanitizer builds. While not exploitable in typical environments, it causes deterministic aborts in sanitizer-enabled systems. In practice, this leads to denial-of-service rather than code execution. The bug is considered low impact but is still patched in the latest versions.

These vulnerabilities show how crafted image files can disrupt systems using ImageMagick. The risks range from memory corruption to denial-of-service, with the most severe flaws enabling data leakage or corruption.

RECOMMENDATION:

We strongly recommend you update ImageMagick to version 7.1.2-1.
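To check an inventory against the fixed releases named above, the following added example (not part of the original advisory) parses ImageMagick version banners and flags hosts below 7.1.2-1 or, on the legacy line, below 6.9.13-27. The host names and banners in the sample are constructed.

```python
import re

# Fixed releases as stated in the advisory, keyed by major version:
# 7.1.2-1 for the 7.x line, 6.9.13-27 for the legacy 6.x line (CVE-2025-55154).
FIXED = {7: (7, 1, 2, 1), 6: (6, 9, 13, 27)}

# Matches "7.1.1-47" or "6.9.13" anywhere in the text, e.g. in the first line
# of `magick -version` output: "Version: ImageMagick 7.1.1-47 Q16-HDRI ...".
VERSION_RE = re.compile(r"\b(\d+)\.(\d+)\.(\d+)(?:-(\d+))?\b")


def parse_version(text):
    """Return (major, minor, micro, patch) as ints; a missing "-N" counts as 0."""
    match = VERSION_RE.search(text)
    if match is None:
        raise ValueError(f"no ImageMagick version found in {text!r}")
    return tuple(int(part or 0) for part in match.groups())


def assess(text):
    """Classify a version string as 'patched', 'vulnerable' or 'unknown'."""
    version = parse_version(text)
    fixed = FIXED.get(version[0])
    if fixed is None:
        return "unknown"  # a release line the advisory does not mention
    # Tuple comparison is numeric per field, so 7.1.10-0 sorts after 7.1.2-1.
    return "patched" if version >= fixed else "vulnerable"


def triage(inventory):
    """Map host -> status and return the hosts that still need the update."""
    results = {host: assess(output) for host, output in inventory.items()}
    return sorted(h for h, status in results.items() if status != "patched")


if __name__ == "__main__":
    # Constructed inventory (hypothetical host names and version banners).
    sample = {
        "img-worker-1": "Version: ImageMagick 7.1.1-47 Q16-HDRI x86_64",
        "img-worker-2": "Version: ImageMagick 7.1.2-1 Q16-HDRI x86_64",
        "legacy-cms": "Version: ImageMagick 6.9.13-26 Q16 x86_64",
    }
    for host in triage(sample):
        print(f"{host}: update required ({sample[host]})")
```

Feed it the first line of `magick -version` (or `convert -version` on 6.x installs) collected from each host.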

REFERENCES:

The following reports contain further technical details:

https://securityonline.info/imagemagick-patches-multiple-flaws-high-severity-memory-bugs-fixed/
