USN-7876-1

Details

It was discovered that ImageMagick did not properly handle memory when encoding BMP images. An attacker could possibly use this issue to cause ImageMagick to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue exists due to an incomplete fix for CVE-2025-57803.

Affected Packages

Ubuntu:Pro:14.04:LTSimagemagick

Fixed in:

8:6.7.7.10-6ubuntu3.13+esm16

Ubuntu:Pro:16.04:LTSimagemagick

Fixed in:

8:6.8.9.9-7ubuntu5.16+esm15

Ubuntu:Pro:18.04:LTSimagemagick

Fixed in:

8:6.9.7.4+dfsg-16ubuntu6.15+esm7

Ubuntu:Pro:20.04:LTSimagemagick

Fixed in:

8:6.9.10.23+dfsg-2.1ubuntu11.11+esm5

Ubuntu:Pro:22.04:LTSimagemagick

Fixed in:

8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5+esm5

Ubuntu:Pro:24.04:LTSimagemagick

Fixed in:

8:6.9.12.98+dfsg1-5.2ubuntu0.1~esm4

References

REPORThttps://ubuntu.com/security/CVE-2025-62171 ADVISORYhttps://ubuntu.com/security/notices/USN-7876-1

USN-7876-1

Details

Affected Packages

References

Upstream

Ecosystems

Timeline