USN-8069-1 Unknown

USN-8069-1: ImageMagick vulnerabilities

Canonical (Ubuntu) Released: March 04, 2026 Updated: March 05, 2026 Restart Required

Description

It was discovered that ImageMagick did not properly decode certain SUN image files. An attacker could use this issue to cause ImageMagick to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2026-25897) It was discovered that ImageMagick did not properly validate pixel index values when writing UIL and XPM image files. An attacker could use this issue to cause ImageMagick to crash, resulting in a denial of service, or possibly obtain sensitive information. (CVE-2026-25898) It was discovered that ImageMagick's MSL decoder did not properly handle certain attribute values. An attacker could use this issue to cause ImageMagick to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2026-25968) It was discovered that ImageMagick's MSL decoder did not properly handle memory when processing certain script elements. An attacker could use this issue to cause ImageMagick to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2026-25983) It was discovered that ImageMagick did not properly handle certain YUV image files. An attacker could use this issue to cause ImageMagick to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2026-25986) It was discovered that ImageMagick did not properly handle certain MAP image files. An attacker could use this issue to cause ImageMagick to crash, resulting in a denial of service, or possibly obtain sensitive information. (CVE-2026-25987) It was discovered that ImageMagick's PCD decoder did not properly process Huffman-coded data. An attacker could use this issue to cause ImageMagick to crash, resulting in a denial of service, or possibly obtain sensitive information. (CVE-2026-26284)

Fixed Vulnerabilities 7

CVE-2026-25968 N/A 0.0 ⚠️ KEV fixed

Feb 24, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a stack buffer overflow occurs when…

CVE-2026-25986 N/A 0.0 ⚠️ KEV fixed

Feb 24, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer overflow write vulnerability…

CVE-2026-25983 N/A 0.0 ⚠️ KEV fixed

Feb 24, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted MSL script triggers a…

CVE-2026-26284 N/A 0.0 ⚠️ KEV fixed

Feb 24, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, ImageMagick lacks proper boundary checking when…

CVE-2026-25987 N/A 0.0 ⚠️ KEV fixed

Feb 24, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer over-read vulnerability exists…

CVE-2026-25898 N/A 0.0 ⚠️ KEV fixed

Feb 24, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, the UIL and XPM image encoder…

CVE-2026-25897 N/A 0.0 ⚠️ KEV fixed

Feb 24, 2026

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, an Integer Overflow vulnerability exists in…

Quick Info

Patch ID: USN-8069-1

Vendor: Canonical (Ubuntu)

Severity: Unknown

CVEs Fixed: 7

Restart: Required

Vendor

Canonical (Ubuntu)

Additional Info

action:

usn id: USN-8069-1

summary: Several security issues were fixed in ImageMagick.

usn number: 8069-1

instructions: In general, a standard system update will make all the necessary changes.

CVE Vulnerabilities

Posts & Pages

USN-8069-1: ImageMagick vulnerabilities

Description

Fixed Vulnerabilities 7

Quick Info

Vendor

Additional Info

Share