CVE-2020-25663

CVE-2020-25663

Name

CVE-2020-25663

Description

A call to ConformPixelInfo() in the SetImageAlphaChannel() routine of /MagickCore/channel.c caused a subsequent heap-use-after-free or heap-buffer-overflow READ when GetPixelRed() or GetPixelBlue() was called. This could occur if an attacker is able to submit a malicious image file to be processed by ImageMagick and could lead to denial of service. It likely would not lead to anything further because the memory is used as pixel data and not e.g. a function pointer. This flaw affects ImageMagick versions prior to 7.0.9-0.

NVD Severity

medium

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
Exploit	https://github.com/ImageMagick/ImageMagick/issues/1723
Third Party Advisory	https://github.com/ImageMagick/ImageMagick/issues/1723#issuecomment-718275153
Issue Tracking	https://bugzilla.redhat.com/show_bug.cgi?id=1891601

Type

URI

Exploit

https://github.com/ImageMagick/ImageMagick/issues/1723

Third Party Advisory

https://github.com/ImageMagick/ImageMagick/issues/1723#issuecomment-718275153

Issue Tracking

https://bugzilla.redhat.com/show_bug.cgi?id=1891601

Match rules

CPE URI	Source package	Min version	Max version
`cpe:2.3:a:imagemagick:imagemagick::::::::`	imagemagick	>= None	< 7.0.9-0
`cpe:2.3:a:imagemagick:imagemagick::::::::`	imagemagick	>= None	< 7.0.8-56

CPE URI

Source package

Min version

Max version

cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*

imagemagick

>= None

< 7.0.9-0

cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*

imagemagick

>= None

< 7.0.8-56

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
imagemagick	edge-community	7.0.9.7-r0	None	possibly vulnerable
imagemagick	edge-community	7.0.8.62-r0	None	possibly vulnerable
imagemagick	edge-community	7.0.8.56-r0	None	possibly vulnerable
imagemagick	edge-community	7.0.8.53-r0	None	possibly vulnerable
imagemagick	edge-community	7.0.8.44-r0	None	possibly vulnerable
imagemagick	edge-community	7.0.8.38-r0	None	possibly vulnerable
imagemagick	3.22-community	7.0.9.7-r0	None	possibly vulnerable
imagemagick	3.22-community	7.0.8.62-r0	None	possibly vulnerable
imagemagick	3.22-community	7.0.8.56-r0	None	possibly vulnerable
imagemagick	3.22-community	7.0.8.53-r0	None	possibly vulnerable
imagemagick	3.22-community	7.0.8.44-r0	None	possibly vulnerable
imagemagick	3.22-community	7.0.8.38-r0	None	possibly vulnerable
imagemagick	3.10-main	7.0.8.68-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable

Source package

Branch

Version

Maintainer

Status

imagemagick

edge-community

7.0.9.7-r0

None

possibly vulnerable

imagemagick

edge-community