Fluid Attacks Database

Description

ImageMagick has memory leak of watermark Image object in ReadSTEGANOImage on multiple error/early-return paths

Summary

In ReadSTEGANOImage() (coders/stegano.c), the watermark Image object is not freed on three early-return paths, resulting in a definite memory leak (~13.5KB+ per invocation) that can be exploited for denial of service.

Direct leak of 13512 byte(s) in 1 object(s) allocated from:
    #0 0x7f5c11e27887 in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:145
    #1 0x55cdc38f65c4 in AcquireMagickMemory MagickCore/memory.c:536
    #2 0x55cdc38f65eb in AcquireCriticalMemory MagickCore/memory.c:612
    #3 0x55cdc3899e91 in AcquireImage MagickCore/image.c:154

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
nuget	magick.net-q16-arm64	>=0 <14.10.3	14.10.3
nuget	magick.net-q16-openmp-x86	>=0 <14.10.3	14.10.3
nuget	magick.net-q16-x64	>=0 <14.10.3	14.10.3
nuget	magick.net-q8-arm64	>=0 <14.10.3	14.10.3
nuget	magick.net-q16-anycpu	>=0 <14.10.3	14.10.3
nuget	magick.net-q16-hdri-anycpu	>=0 <14.10.3	14.10.3
nuget	magick.net-q16-hdri-openmp-arm64	>=0 <14.10.3	14.10.3
nuget	magick.net-q16-hdri-openmp-x64	>=0 <14.10.3	14.10.3
nuget	magick.net-q16-hdri-arm64	>=0 <14.10.3	14.10.3
nuget	magick.net-q16-hdri-x64	>=0 <14.10.3	14.10.3

1-10 of 24

Aliases

1. CVE-2026-257962. NVD-2026-257963. OSV-2026-257964. OSV-DEBIAN-2026-257965. GHSA-g2pr-qxjg-7r2w6. GCVE-2026-257967. SECURITY-TRACKER-CVE-2026-25796

References

1. https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-g2pr-qxjg-7r2w2. https://github.com/ImageMagick/ImageMagick/commit/93ad259ce4f6d641eea0bee73f374af90f35efc33. https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3