摘要:
ImageMagick security update
安全等级: High
公告ID: KylinSec-SA-2025-2895
发布日期: 2025年9月18日
关联CVE: CVE-2025-55160 CVE-2025-55005 CVE-2025-55004 CVE-2025-55154 CVE-2025-57807 CVE-2025-55212 CVE-2025-57803
Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats (over 200) including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images, adjust image colors, apply various special effects, or draw text, lines, polygons, ellipses and Bézier curves.
Security Fix(es):
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-1, ImageMagick is vulnerable to heap-buffer overflow read around the handling of images with separate alpha channels when performing image magnification in ReadOneMNGIMage. This can likely be used to leak subsequent memory contents into the output image. This issue has been patched in version 7.1.2-1.(CVE-2025-55004)
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-1, when preparing to transform from Log to sRGB colorspaces, the logmap construction fails to handle cases where the reference-black or reference-white value is larger than 1024. This leads to corrupting memory beyond the end of the allocated logmap buffer. This issue has been patched in version 7.1.2-1.(CVE-2025-55005)
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-27 and 7.1.2-1, the magnified size calculations in ReadOneMNGIMage (in coders/png.c) are unsafe and can overflow, leading to memory corruption. This issue has been patched in versions 6.9.13-27 and 7.1.2-1.(CVE-2025-55154)
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-27 and 7.1.2-1, there is undefined behavior (function-type-mismatch) in splay tree cloning callback. This results in a deterministic abort under UBSan (DoS in sanitizer builds), with no crash in a non-sanitized build. This issue has been patched in versions 6.9.13-27 and 7.1.2-1.(CVE-2025-55160)
A vulnerability classified as problematic was found in ImageMagick up to 6.9.13-27/7.1.2-1 (Image Processing Software).The manipulation of the argument width/height with an unknown input leads to a unknown weakness. The CWE definition for the vulnerability is CWE-369. The product divides a value by zero.As an impact it is known to affect availability.Upgrading to version 6.9.13-28 or 7.1.2-2 eliminates this vulnerability. The upgrade is hosted for download at github.com. Applying the patch 5f0bcf986b8b5e90567750d31a37af502b73f2af is able to eliminate this problem. The bugfix is ready for download at github.com. The best possible mitigation is suggested to be upgrading to the latest version.(CVE-2025-55212)
A vulnerability was found in ImageMagick up to 6.9.13-27/7.1.2-1 on 32-bit (Image Processing Software). It has been rated as critical.Using CWE to declare the problem leads to CWE-122. A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().Impacted is confidentiality, integrity, and availability.Upgrading to version 6.9.13-28 or 7.1.2-2 eliminates this vulnerability. The upgrade is hosted for download at github.com. Applying the patch 2c55221f4d38193adcb51056c14cf238fbcc35d7 is able to eliminate this problem. The bugfix is ready for download at github.com. The best possible mitigation is suggested to be upgrading to the latest version.(CVE-2025-57803)
ImageMagick is free and open-source software used for editing and manipulating digital images. ImageMagick versions lower than 14.8.2 include insecure functions: SeekBlob(), which permits advancing the stream offset beyond the current end without increasing capacity, and WriteBlob(), which then expands by quantum + length (amortized) instead of offset + length, and copies to data + offset. When offset ≫ extent, the copy targets memory beyond the allocation, producing a deterministic heap write on 64-bit builds. No 2⁶⁴ arithmetic wrap, external delegates, or policy settings are required. This is fixed in version 14.8.2.(CVE-2025-57807)
| cve名称 | 产品 | 组件 | 是否受影响 |
|---|---|---|---|
| CVE-2025-55160 | V6 | ImageMagick | Fixed |
| CVE-2025-55005 | V6 | ImageMagick | Fixed |
| CVE-2025-55004 | V6 | ImageMagick | Fixed |
| CVE-2025-55154 | V6 | ImageMagick | Fixed |
| CVE-2025-57807 | V6 | ImageMagick | Fixed |
| CVE-2025-55212 | V6 | ImageMagick | Fixed |
| CVE-2025-57803 | V6 | ImageMagick | Fixed |
| 软件名称 | 架构 | 版本号 |
|---|---|---|
| ImageMagick | x86_64 | 7.1.2.2-2.ks6 |
| ImageMagick-c++ | x86_64 | 7.1.2.2-2.ks6 |
| ImageMagick-c++-devel | x86_64 | 7.1.2.2-2.ks6 |
| ImageMagick-devel | x86_64 | 7.1.2.2-2.ks6 |
| ImageMagick-help | x86_64 | 7.1.2.2-2.ks6 |
| ImageMagick-perl | x86_64 | 7.1.2.2-2.ks6 |
| ImageMagick | aarch64 | 7.1.2.2-2.ks6 |
| ImageMagick-c++ | aarch64 | 7.1.2.2-2.ks6 |
| ImageMagick-c++-devel | aarch64 | 7.1.2.2-2.ks6 |
| ImageMagick-devel | aarch64 | 7.1.2.2-2.ks6 |
| ImageMagick-help | aarch64 | 7.1.2.2-2.ks6 |
| ImageMagick-perl | aarch64 | 7.1.2.2-2.ks6 |
方法一:下载安装包进行升级安装
1、通过下载链接下载需要升级的升级包保存,如 xxx.rpm
2、通过rpm命令升级,如 rpm -Uvh xxx.rpm
方法二:通过软件源进行升级安装
1、保持能够连接上互联网
2、通过yum命令升级指定的包,如 yum install 包名
