CVE-2026-23952

Name: CVE-2026-23952
Description: ImageMagick is free and open-source software used for editing and manipulating digital images. Versions 14.10.1 and below have a NULL pointer dereference vulnerability in the MSL (Magick Scripting Language) parser when processing <comment> tags before images are loaded. This can lead to a DoS attack due to an assertion failure (debug builds) or a NULL pointer dereference (release builds). This issue is fixed in version 14.10.2.
Source: CVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues)
References: DLA-4448-1, DSA-6111-1
Debian Bugs: 1126077

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package       Release               Version                         Status
imagemagick (PTS)    bullseye              8:6.9.11.60+dfsg-1.3+deb11u4    vulnerable
                     bullseye (security)   8:6.9.11.60+dfsg-1.3+deb11u10   fixed
                     bookworm              8:6.9.11.60+dfsg-1.6+deb12u5    vulnerable
                     bookworm (security)   8:6.9.11.60+dfsg-1.6+deb12u7    fixed
                     trixie                8:7.1.1.43+dfsg1-1+deb13u5      fixed
                     trixie (security)     8:7.1.1.43+dfsg1-1+deb13u6      fixed
                     forky                 8:7.1.2.15+dfsg1-2              fixed
                     sid                   8:7.1.2.16+dfsg1-1              fixed

The information below is based on the following data on fixed versions.

Package       Type     Release      Fixed Version                   Urgency   Origin       Debian Bugs
imagemagick   source   bullseye     8:6.9.11.60+dfsg-1.3+deb11u9              DLA-4448-1
imagemagick   source   bookworm     8:6.9.11.60+dfsg-1.6+deb12u6              DSA-6111-1
imagemagick   source   trixie       8:7.1.1.43+dfsg1-1+deb13u5                DSA-6111-1
imagemagick   source   (unstable)   8:7.1.2.13+dfsg1-1                                     1126077

Notes

https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-5vx3-wx4q-6cj8
Fixed by: https://github.com/ImageMagick/ImageMagick/commit/1eefab41bc0ab1c6c2c1fd3e4a49e3ee1849751d (7.1.2-13)
Fixed by: https://github.com/ImageMagick/ImageMagick6/commit/0e4023775c8859d2b802e8b459a27b599ca8403a (6.9.13-38)
