logo

Database

Out-of-bounds read In imagemagick

Description

ImageMagick: MSL - Stack overflow in ProcessMSLScript

Summary

Magick fails to check for circular references between two MSLs, leading to a stack overflow.

Details

After reading a.msl using magick, the following is displayed:

MSLStartElement -> ReadImage -> ReadMSLImage -> ProcessMSLScript -> xmlParseChunk -> xmlParseTryOrFinish -> MSLStartElement

AddressSanitizer:DEADLYSIGNAL
=================================================================
==114345==ERROR: AddressSanitizer: UNKNOWN SIGNAL on unknown address 0x000000000000 (pc 0x72509fc7d804 bp 0x7ffd6598b390 sp 0x7ffd6598ab20 T0)
    #0 0x72509fc7d804 in strlen ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:388
[...]

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

1-10 of 25

10

Aliases

1. CVE-2026-259712. NVD-2026-259713. OSV-DEBIAN-2026-259714. OSV-2026-259715. GHSA-8mpr-6xr2-chhc6. GCVE-2026-259717. SECURITY-TRACKER-CVE-2026-25971

References

1. https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-8mpr-6xr2-chhc2. https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.