SecurityHome.eu [USN-7756-1] ImageMagick vulnerabilities

Home / mailings PDF

[USN-7756-1] ImageMagick vulnerabilities
Posted on 18 September 2025
Ubuntu Security
==========================================================================Ubuntu Security Notice USN-7756-1
September 18, 2025

imagemagick vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS

Summary:

Several security issues were fixed in ImageMagick.

Software Description:
- imagemagick: Image manipulation programs and library

Details:

It was discovered that ImageMagick did not properly handle memory when
performing magnified size calculations. An attacker could possibly use this
issue to cause ImageMagick to crash, resulting in a denial of service, or
possibly execute arbitrary code. (CVE-2025-55154)

Woojin Park, Hojun Lee, Youngin Won, and Siyeon Han discovered that
ImageMagick incorrectly handled creating thumbnail images for certain
dimensions. An attacker could possibly use this issue to cause ImageMagick
to crash, resulting in a denial of service. This issue only affected Ubuntu
24.04 LTS. (CVE-2025-55212)

Lumina Mescuwa discovered that ImageMagick did not properly handle cloning
splay trees in the MagickCore library. An attacker could possibly use this
issue to cause sanitized builds of ImageMagick to crash, resulting in a
denial of service. (CVE-2025-55160)

Lumina Mescuwa discovered that ImageMagick did not properly handle memory.
An attacker could possibly use this issue to cause ImageMagick to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2025-57807)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.04 LTS
imagemagick-6.q16 8:6.9.12.98+dfsg1-5.2ubuntu0.1~esm2
Available with Ubuntu Pro
imagemagick-6.q16hdri 8:6.9.12.98+dfsg1-5.2ubuntu0.1~esm2
Available with Ubuntu Pro
libmagick++-6.q16-9t64 8:6.9.12.98+dfsg1-5.2ubuntu0.1~esm2
Available with Ubuntu Pro
libmagick++-6.q16hdri-9t64 8:6.9.12.98+dfsg1-5.2ubuntu0.1~esm2
Available with Ubuntu Pro
libmagickcore-6.q16-7-extra 8:6.9.12.98+dfsg1-5.2ubuntu0.1~esm2
Available with Ubuntu Pro
libmagickcore-6.q16-7t64 8:6.9.12.98+dfsg1-5.2ubuntu0.1~esm2
Available with Ubuntu Pro
libmagickcore-6.q16hdri-7-extra 8:6.9.12.98+dfsg1-5.2ubuntu0.1~esm2
Available with Ubuntu Pro
libmagickcore-6.q16hdri-7t64 8:6.9.12.98+dfsg1-5.2ubuntu0.1~esm2
Available with Ubuntu Pro
libmagickwand-6.q16-7t64 8:6.9.12.98+dfsg1-5.2ubuntu0.1~esm2
Available with Ubuntu Pro
libmagickwand-6.q16hdri-7t64 8:6.9.12.98+dfsg1-5.2ubuntu0.1~esm2
Available with Ubuntu Pro

Ubuntu 22.04 LTS
imagemagick-6.q16 8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5+esm3
Available with Ubuntu Pro
imagemagick-6.q16hdri 8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5+esm3
Available with Ubuntu Pro
libmagick++-6.q16-8 8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5+esm3
Available with Ubuntu Pro
libmagick++-6.q16hdri-8 8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5+esm3
Available with Ubuntu Pro
libmagickcore-6.q16-6 8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5+esm3
Available with Ubuntu Pro
libmagickcore-6.q16-6-extra 8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5+esm3
Available with Ubuntu Pro
libmagickcore-6.q16hdri-6 8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5+esm3
Available with Ubuntu Pro
libmagickcore-6.q16hdri-6-extra 8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5+esm3
Available with Ubuntu Pro
libmagickwand-6.q16-6 8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5+esm3
Available with Ubuntu Pro
libmagickwand-6.q16hdri-6 8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5+esm3
Available with Ubuntu Pro

Ubuntu 20.04 LTS
imagemagick-6.q16 8:6.9.10.23+dfsg-2.1ubuntu11.11+esm3
Available with Ubuntu Pro
imagemagick-6.q16hdri 8:6.9.10.23+dfsg-2.1ubuntu11.11+esm3
Available with Ubuntu Pro
libmagick++-6.q16-8 8:6.9.10.23+dfsg-2.1ubuntu11.11+esm3
Available with Ubuntu Pro
libmagick++-6.q16hdri-8 8:6.9.10.23+dfsg-2.1ubuntu11.11+esm3
Available with Ubuntu Pro
libmagickcore-6.q16-6 8:6.9.10.23+dfsg-2.1ubuntu11.11+esm3
Available with Ubuntu Pro
libmagickcore-6.q16-6-extra 8:6.9.10.23+dfsg-2.1ubuntu11.11+esm3
Available with Ubuntu Pro
libmagickcore-6.q16hdri-6 8:6.9.10.23+dfsg-2.1ubuntu11.11+esm3
Available with Ubuntu Pro
libmagickcore-6.q16hdri-6-extra 8:6.9.10.23+dfsg-2.1ubuntu11.11+esm3
Available with Ubuntu Pro
libmagickwand-6.q16-6 8:6.9.10.23+dfsg-2.1ubuntu11.11+esm3
Available with Ubuntu Pro
libmagickwand-6.q16hdri-6 8:6.9.10.23+dfsg-2.1ubuntu11.11+esm3
Available with Ubuntu Pro

Ubuntu 18.04 LTS
imagemagick-6.q16 8:6.9.7.4+dfsg-16ubuntu6.15+esm5
Available with Ubuntu Pro
imagemagick-6.q16hdri 8:6.9.7.4+dfsg-16ubuntu6.15+esm5
Available with Ubuntu Pro
libmagick++-6.q16-7 8:6.9.7.4+dfsg-16ubuntu6.15+esm5
Available with Ubuntu Pro
libmagick++-6.q16hdri-7 8:6.9.7.4+dfsg-16ubuntu6.15+esm5
Available with Ubuntu Pro
libmagickcore-6.q16-3 8:6.9.7.4+dfsg-16ubuntu6.15+esm5
Available with Ubuntu Pro
libmagickcore-6.q16-3-extra 8:6.9.7.4+dfsg-16ubuntu6.15+esm5
Available with Ubuntu Pro
libmagickcore-6.q16hdri-3 8:6.9.7.4+dfsg-16ubuntu6.15+esm5
Available with Ubuntu Pro
libmagickcore-6.q16hdri-3-extra 8:6.9.7.4+dfsg-16ubuntu6.15+esm5
Available with Ubuntu Pro
libmagickwand-6.q16-3 8:6.9.7.4+dfsg-16ubuntu6.15+esm5
Available with Ubuntu Pro
libmagickwand-6.q16hdri-3 8:6.9.7.4+dfsg-16ubuntu6.15+esm5
Available with Ubuntu Pro

Ubuntu 16.04 LTS
imagemagick-6.q16 8:6.8.9.9-7ubuntu5.16+esm13
Available with Ubuntu Pro
libmagick++-6.q16-5v5 8:6.8.9.9-7ubuntu5.16+esm13
Available with Ubuntu Pro
libmagickcore-6.q16-2 8:6.8.9.9-7ubuntu5.16+esm13
Available with Ubuntu Pro
libmagickcore-6.q16-2-extra 8:6.8.9.9-7ubuntu5.16+esm13
Available with Ubuntu Pro
libmagickwand-6.q16-2 8:6.8.9.9-7ubuntu5.16+esm13
Available with Ubuntu Pro

Ubuntu 14.04 LTS
imagemagick 8:6.7.7.10-6ubuntu3.13+esm14
Available with Ubuntu Pro
imagemagick-common 8:6.7.7.10-6ubuntu3.13+esm14
Available with Ubuntu Pro
libmagick++5 8:6.7.7.10-6ubuntu3.13+esm14
Available with Ubuntu Pro
libmagickcore5 8:6.7.7.10-6ubuntu3.13+esm14
Available with Ubuntu Pro
libmagickcore5-extra 8:6.7.7.10-6ubuntu3.13+esm14
Available with Ubuntu Pro
libmagickwand5 8:6.7.7.10-6ubuntu3.13+esm14
Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-7756-1
CVE-2025-55154, CVE-2025-55160, CVE-2025-55212, CVE-2025-57807

--===============5546222794607274168==Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature

TOP

Mailings :

Last 20

Exploits :

Last 20