logo

Database

Inappropriate coding practices In magick.net-q16-openmp-arm64

Description

ImageMagick has a possible heap Use After Free vulnerability in its meta coder A heap Use After Free vulnerability exists in the meta coder when an allocation fails and a single byte is written to a stale pointer.

==535852==ERROR: AddressSanitizer: heap-use-after-free on address 0x5210000088ff at pc 0x5581bacac14d bp 0x7ffdf667edf0 sp 0x7ffdf667ede0
WRITE of size 1 at 0x5210000088ff thread T0

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

1-10 of 17

10

Aliases

1. GHSA-2gq3-ww97-wfjm2. GCVE-GHSA-2gq3-ww97-wfjm

References

1. https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-2gq3-ww97-wfjm2. https://github.com/ImageMagick/ImageMagick/commit/f5049954f12c6fcf090a776767526d2a4708d58b

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.