logo

Database

Out-of-bounds read In imagemagick

Description

ImageMagick has heap buffer overflow in WriteXWDImage due to CARD32 arithmetic overflow in bytes_per_line calculation A 32-bit unsigned integer overflow in the XWD (X Windows) encoder can cause an undersized heap buffer allocation. When writing a extremely large image an out of bounds heap write can occur.

=================================================================
==741961==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x5020000083dc at pc 0x56553b4c4245 bp 0x7ffd9d20fef0 sp 0x7ffd9d20fee0
WRITE of size 1 at 0x5020000083dc thread T0

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

1-10 of 25

10

Aliases

1. CVE-2026-309372. NVD-2026-309373. OSV-DEBIAN-2026-309374. OSV-2026-309375. GHSA-qpg4-j99f-8xcg6. GCVE-2026-309377. SECURITY-TRACKER-CVE-2026-30937

References

1. https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qpg4-j99f-8xcg

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.