Heap buffer overflow via incorrect morphology parameters
Summary
ImageMagick before 7.1.2-19 contains an off-by-one error in morphology validation allowing out-of-bounds heap buffer reads. Attackers can trigger heap buffer overflow by providing incorrect morphology parameters causing single pixel memory access violations. A flaw was found in ImageMagick. An attacker can exploit an off-by-one error in the morphology validation by providing incorrect morphology parameters. This can lead to out-of-bounds heap buffer reads and heap buffer overflow, potentially causing memory access violations. This flaw in ImageMagick is rated as Low impact. An attacker can trigger a memory access violation by submitting a maliciously crafted image. Red Hat severity: Low — CVSS 3.3 (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L). Weakness: CWE-125. Affected Red Hat products: Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7. Will not fix / out of support: Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7. Red Hat does not currently list a fixing RHSA for this CVE.
- < 7.1.2-19
Official advisory · high-confidence parse· fetched 2 hours ago·verify at source
Mitigation checklist
- To reduce exposure, avoid processing untrusted image files with ImageMagick, particularly those that may contain malformed morphology parameters. If processing untrusted content is necessary, consider implementing sandboxing mechanisms to isolate ImageMagick operations and limit the potential blast radius of any successful exploitation.
Official advisory · high-confidence parse· fetched 2 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.