CVE-2025-65955

EUVD-2025-200466 MEDIUM
2025-12-02 [email protected]
CVSS 3.1: 4.9

CVSS Vector

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
Attack Vector: Local
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: Low
Integrity: Low
Availability: Low

Lifecycle Timeline

Analysis Generated: Mar 15, 2026 - 14:04 (vuln.today)
EUVD ID Assigned: Mar 15, 2026 - 14:04 (euvd), EUVD-2025-200466
Patch Released: Mar 15, 2026 - 14:04 (nvd), patch available
CVE Published: Dec 02, 2025 - 23:15 (nvd), MEDIUM 4.9

Description

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-9 and 6.9.13-34, there is a vulnerability in ImageMagick’s Magick++ layer that manifests when Options::fontFamily is invoked with an empty string. Clearing a font family calls RelinquishMagickMemory on _drawInfo->font, freeing the font string but leaving _drawInfo->font pointing to freed memory while _drawInfo->family is set to that (now-invalid) pointer. Any later cleanup or reuse of _drawInfo->font re-frees or dereferences dangling memory. DestroyDrawInfo and other setters (Options::font, Image::font) assume _drawInfo->font remains valid, so destruction or subsequent updates trigger crashes or heap corruption. This vulnerability is fixed in 7.1.2-9 and 6.9.13-34.

Technical Context

A denial of service vulnerability allows an attacker to disrupt the normal functioning of a system, making it unavailable to legitimate users.

Affected Products

Affected products: Imagemagick Imagemagick

Remediation

A vendor patch is available — apply it immediately. Implement rate limiting and input validation. Use timeout mechanisms for resource-intensive operations. Deploy DDoS protection where applicable.
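To confirm that the patch is actually in place, the following added example (not code from ImageMagick or from this advisory) classifies an upstream version string against the two fixed releases named above, 7.1.2-9 and 6.9.13-34. The function names are hypothetical. Distribution packages that backport the fix, such as the Debian versions listed under Vendor Status, carry lower upstream numbers and are deliberately reported as "unknown" so that they are checked against the vendor table instead.

```shell
#!/bin/sh
# Added example: classify an upstream ImageMagick version string against the
# fixed releases named in this advisory (7.1.2-9 and 6.9.13-34).
# Function names are hypothetical, not part of ImageMagick.

# Succeeds when version tuple $1..$4 is lower than tuple $5..$8.
tuple_lt() {
    if [ "$1" -ne "$5" ]; then [ "$1" -lt "$5" ]; return; fi
    if [ "$2" -ne "$6" ]; then [ "$2" -lt "$6" ]; return; fi
    if [ "$3" -ne "$7" ]; then [ "$3" -lt "$7" ]; return; fi
    [ "$4" -lt "$8" ]
}

# Prints "vulnerable", "fixed" or "unknown" for MAJOR.MINOR.PATCH-REV.
im_cve_2025_65955_status() {
    case "$1" in
        # Reject empty input, foreign characters (distro package versions
        # such as "8:...+dfsg..."), and leading, trailing or empty fields.
        ''|*[!0-9.-]*|[-.]*|*[-.]|*[-.][-.]*) echo unknown; return 0 ;;
    esac
    old_ifs=$IFS; IFS='.-'
    set -- $1                        # split into major minor patch rev
    IFS=$old_ifs
    [ "$#" -eq 4 ] || { echo unknown; return 0; }
    case "$1" in
        7) set -- "$@" 7 1 2 9 ;;    # fixed 7.x release from the advisory
        6) set -- "$@" 6 9 13 34 ;;  # fixed 6.x release from the advisory
        *) echo unknown; return 0 ;;
    esac
    if tuple_lt "$@"; then echo vulnerable; else echo fixed; fi
}

# Typical use on a host with the 7.x CLI installed (not run here):
#   im_cve_2025_65955_status "$(magick -version | awk 'NR==1 {print $3}')"
```

The check reports only the version of the command-line build it is pointed at; applications linked against a separately bundled Magick++ library need their own copy checked.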

Priority Score

25
KEV: 0
EPSS: +0.0
CVSS: +24
POC: 0

Vendor Status

Ubuntu

Priority: Medium
imagemagick
Release    Status        Version
upstream   needs-triage  -
bionic     not-affected  rejected cve
focal      not-affected  rejected cve
jammy      not-affected  rejected cve
noble      not-affected  rejected cve
plucky     not-affected  rejected cve
questing   not-affected  rejected cve
trusty     not-affected  rejected cve
xenial     not-affected  rejected cve

Debian

Bug #1122827
imagemagick
Release              Status  Fixed Version                   Urgency
bullseye             fixed   8:6.9.11.60+dfsg-1.3+deb11u8    -
bullseye (security)  fixed   8:6.9.11.60+dfsg-1.3+deb11u10   -
bookworm             fixed   8:6.9.11.60+dfsg-1.6+deb12u5    -
bookworm (security)  fixed   8:6.9.11.60+dfsg-1.6+deb12u7    -
trixie               fixed   8:7.1.1.43+dfsg1-1+deb13u4      -
trixie (security)    fixed   8:7.1.1.43+dfsg1-1+deb13u6      -
forky                fixed   8:7.1.2.15+dfsg1-2              -
sid                  fixed   8:7.1.2.16+dfsg1-1              -
(unstable)           fixed   8:7.1.2.12+dfsg1-1              -
