CVE-2025-57803Heap-based Buffer Overflow in Imagemagick

CWE-122Heap-based Buffer OverflowCWE-190Integer Overflow or Wraparound17 documents7 sources
Severity
8.8HIGHNVD
NVD7.5
EPSS
0.1%
top 75.94%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
ImagemagickDebian Imagemagick
Timeline
PublishedAug 26
Latest updateNov 20

Description

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-28 and 7.1.2-2 for ImageMagick's 32-bit build, a 32-bit integer overflow in the BMP encoder’s scanline-stride computation collapses bytes_per_line (stride) to a tiny value while the per-row writer still emits 3 × width bytes for 24-bpp images. The row base pointer advances using the (overflowed) stride, so the first row immediately writes past its slot and into adjacent heap me

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages5 packages

debiandebian/imagemagick< imagemagick 8:6.9.11.60+dfsg-1.6+deb12u5 (bookworm)+1
CVEListV5imagemagick/imagemagick< 6.9.13-32+1
NVDimagemagick/imagemagick7.0.0-07.1.2-7+3
Debianimagemagick/imagemagick< 8:6.9.11.60+dfsg-1.3+deb11u6+7
Ubuntuimagemagick/imagemagick< 8:6.7.7.10-6ubuntu3.13+esm15+11

Patches

Patch: github.com

🔴Vulnerability Details

8
OSV
imagemagick vulnerabilities2025-11-20
GHSA
ImageMagick has Integer Overflow in BMP Decoder (ReadBMP)2025-10-28
OSV
ImageMagick has Integer Overflow in BMP Decoder (ReadBMP)2025-10-28
OSV
CVE-2025-62171: ImageMagick is an open source software suite for displaying, converting, and editing raster image files2025-10-17
OSV
imagemagick vulnerabilities2025-10-08

📋Vendor Advisories

7
Ubuntu
ImageMagick vulnerability2025-11-20
Red Hat
ImageMagick: ImageMagick vulnerable to denial of service via integer overflow in BMP decoder on 32-bit systems2025-10-17
Oracle
Oracle Oracle Communications Risk Matrix: Developer Infrastructure (ImageMagick) — CVE-2025-578032025-10-15
Ubuntu
ImageMagick vulnerabilities2025-10-08
Red Hat
imagemagick: ImageMagick (WriteBMPImage): 32-bit integer overflow when writing BMP scanline stride → heap buffer overflow2025-08-26