Fluid Attacks Database

Description

ImageMagick has Heap Out-of-Bounds Read in DCM Decoder (ReadDCMImage) A heap out-of-bounds read vulnerability exists in the coders/dcm.c module. When processing DICOM files with a specific configuration, the decoder loop incorrectly reads bytes per iteration. This causes the function to read past the end of the allocated buffer, potentially leading to a Denial of Service (crash) or Information Disclosure (leaking heap memory into the image).

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 12	imagemagick	=8:6.9.11.60+dfsg-1.6 \|\| =8:6.9.11.60+dfsg-1.6+deb12u1 \|\| =8:6.9.11.60+dfsg-1.6+deb12u2 \|\| =8:6.9.11.60+dfsg-1.6+deb12u3 \|\| =8:6.9.11.60+dfsg-1.6+deb12u4 \|\| =8:6.9.11.60+dfsg-1.6+deb12u5 \|\| =8:6.9.11.60+dfsg-1.6+deb12u6 \|\| >=0 <8:6.9.11.60+dfsg-1.6+deb12u7	8:6.9.11.60+dfsg-1.6+deb12u7
debian 13	imagemagick	=8:7.1.1.43+dfsg1-1 \|\| =8:7.1.1.43+dfsg1-1+deb13u1 \|\| =8:7.1.1.43+dfsg1-1+deb13u2 \|\| =8:7.1.1.43+dfsg1-1+deb13u3 \|\| =8:7.1.1.43+dfsg1-1+deb13u4 \|\| =8:7.1.1.43+dfsg1-1+deb13u5 \|\| >=0 <8:7.1.1.43+dfsg1-1+deb13u6	8:7.1.1.43+dfsg1-1+deb13u6
debian 14	imagemagick	=8:7.1.1.43+dfsg1-1 \|\| =8:7.1.1.46+dfsg1-1 \|\| =8:7.1.1.47+dfsg1-1 \|\| =8:7.1.1.47+dfsg1-2 \|\| =8:7.1.2.1+dfsg1-1 \|\| =8:7.1.2.12+dfsg1-1 \|\| =8:7.1.2.13+dfsg1-1 \|\| =8:7.1.2.3+dfsg1-1 \|\| =8:7.1.2.7+dfsg1-1 \|\| =8:7.1.2.8+dfsg1-1 \|\| >=0 <8:7.1.2.15+dfsg1-1	8:7.1.2.15+dfsg1-1
debian 11	imagemagick	=8:6.9.11.60+dfsg-1.3 \|\| =8:6.9.11.60+dfsg-1.3+deb11u1 \|\| =8:6.9.11.60+dfsg-1.3+deb11u2 \|\| =8:6.9.11.60+dfsg-1.3+deb11u3 \|\| =8:6.9.11.60+dfsg-1.3+deb11u4 \|\| =8:6.9.11.60+dfsg-1.3+deb11u5 \|\| =8:6.9.11.60+dfsg-1.3+deb11u6 \|\| =8:6.9.11.60+dfsg-1.3+deb11u7 \|\| =8:6.9.11.60+dfsg-1.3+deb11u8 \|\| =8:6.9.11.60+dfsg-1.3+deb11u9 \|\| >=0 <8:6.9.11.60+dfsg-1.3+deb11u10	8:6.9.11.60+dfsg-1.3+deb11u10
nuget	magick.net-q16-hdri-arm64	>=0 <14.10.3	14.10.3
nuget	magick.net-q16-openmp-arm64	>=0 <14.10.3	14.10.3
nuget	magick.net-q16-openmp-x64	>=0 <14.10.3	14.10.3
nuget	magick.net-q8-anycpu	>=0 <14.10.3	14.10.3
rpm rhel6	ImageMagick	-	-
rpm rhel7	ImageMagick	-	-

1-10 of 25

Aliases

1. CVE-2026-259822. NVD-2026-259823. OSV-DEBIAN-2026-259824. OSV-2026-259825. GHSA-pmq6-8289-hx3v6. GCVE-2026-259827. SECURITY-TRACKER-CVE-2026-25982

References

1. https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-pmq6-8289-hx3v2. https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3