USN-5456-1: ImageMagick vulnerability
1 June 2022
ImageMagick could be made to crash if it opened a specially crafted file.
Releases
Packages
- imagemagick - Image manipulation programs and library
Details
It was discovered that ImageMagick incorrectly handled memory under
certain circumstances. If a user were tricked into opening a specially
crafted image, an attacker could possibly exploit this issue to cause a
denial of service or other unspecified impact.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 18.04
-
imagemagick-6-common
-
8:6.9.7.4+dfsg-16ubuntu6.13
-
libmagick++-6.q16hdri-7
-
8:6.9.7.4+dfsg-16ubuntu6.13
-
imagemagick
-
8:6.9.7.4+dfsg-16ubuntu6.13
-
libmagickcore-6.q16-3
-
8:6.9.7.4+dfsg-16ubuntu6.13
-
imagemagick-common
-
8:6.9.7.4+dfsg-16ubuntu6.13
-
libmagick++-6.q16-7
-
8:6.9.7.4+dfsg-16ubuntu6.13
-
libmagickcore-6.q16hdri-3
-
8:6.9.7.4+dfsg-16ubuntu6.13
Ubuntu 16.04
-
imagemagick-common
-
8:6.8.9.9-7ubuntu5.16+esm3
Available with Ubuntu Pro
-
imagemagick
-
8:6.8.9.9-7ubuntu5.16+esm3
Available with Ubuntu Pro
-
imagemagick-6.q16
-
8:6.8.9.9-7ubuntu5.16+esm3
Available with Ubuntu Pro
-
libmagick++-6.q16-5v5
-
8:6.8.9.9-7ubuntu5.16+esm3
Available with Ubuntu Pro
-
libmagickcore-6.q16-2
-
8:6.8.9.9-7ubuntu5.16+esm3
Available with Ubuntu Pro
Ubuntu 14.04
-
imagemagick-common
-
8:6.7.7.10-6ubuntu3.13+esm2
Available with Ubuntu Pro
-
libmagickcore5
-
8:6.7.7.10-6ubuntu3.13+esm2
Available with Ubuntu Pro
-
imagemagick
-
8:6.7.7.10-6ubuntu3.13+esm2
Available with Ubuntu Pro
-
libmagick++5
-
8:6.7.7.10-6ubuntu3.13+esm2
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.