CVE-2017-12806
Description
ImageMagick 7.0.6-6 has a memory exhaustion vulnerability in format8BIM, enabling denial of service via crafted image files.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
ImageMagick 7.0.6-6 has a memory exhaustion vulnerability in format8BIM, enabling denial of service via crafted image files.
Vulnerability
In ImageMagick 7.0.6-6, the function format8BIM does not properly validate input, leading to memory exhaustion. This occurs when processing a specially crafted image file [1].
Exploitation
An attacker can trigger this by providing a malformed image file to any ImageMagick command that processes it (e.g., convert). No authentication is required if the attacker can supply the file to a user or automated system [1][2].
Impact
Successful exploitation results in a denial of service due to memory exhaustion. The process consuming the image may crash or become unresponsive [1].
Mitigation
ImageMagick has since released updates. Ubuntu addressed this in USN-4034-1, which updated ImageMagick packages to fix the vulnerability [2]. Users should upgrade to the latest version to mitigate the issue.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
12- ImageMagick/ImageMagickdescription
- Range: =7.0.6-6
- osv-coords10 versionspkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP4pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP4pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP3pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP4
< 6.8.8.1-71.123.2+ 9 more
- (no CPE)range: < 6.8.8.1-71.123.2
- (no CPE)range: < 6.8.8.1-71.123.2
- (no CPE)range: < 6.8.8.1-71.123.2
- (no CPE)range: < 6.8.8.1-71.123.2
- (no CPE)range: < 6.8.8.1-71.123.2
- (no CPE)range: < 6.8.8.1-71.123.2
- (no CPE)range: < 6.8.8.1-71.123.2
- (no CPE)range: < 6.8.8.1-71.123.2
- (no CPE)range: < 6.8.8.1-71.123.2
- (no CPE)range: < 6.8.8.1-71.123.2
Patches
0No patches discovered yet.
Vulnerability mechanics
Root cause
"The format8BIM function in ImageMagick does not properly validate the size of image data, leading to excessive memory allocation."
Attack vector
An attacker can trigger this vulnerability by providing a specially crafted image file to the ImageMagick `convert` utility. The `convert` utility processes the image, and the `format8BIM` function attempts to allocate a large amount of memory based on the malformed input. This excessive allocation exhausts available system memory, causing a denial of service. The vulnerability is triggered when processing an image file that specifies an unusually large dimension or data size within the 8BIM format [ref_id=1].
Affected code
The vulnerability resides within the `format8BIM` function located in the `coders/meta.c` file. This function is responsible for parsing and processing image data in the 8BIM format. The issue arises on line 2184 of this file, where memory allocation occurs without sufficient bounds checking, leading to the memory exhaustion when processing a crafted input file [ref_id=1].
What the fix does
The patch, as indicated by the commit message in the reference, addresses the memory exhaustion by introducing checks within the `format8BIM` function. Specifically, it limits the maximum size of the image data that can be allocated, preventing the unbounded memory growth that led to the denial of service. This ensures that even with malformed input, the application will not attempt to allocate an amount of memory that exceeds system capabilities [ref_id=1].
Preconditions
- inputThe attacker must provide a specially crafted image file in the 8BIM format.
- configThe ImageMagick software must be installed and accessible.
Reproduction
``` root@ubuntu:/home/hjy/Desktop# convert oom-format8BIM /dev/null ==8638==ERROR: AddressSanitizer failed to allocate 0x72e8d000 (1927860224) bytes of LargeMmapAllocator: 12 ==8638==Process memory map follows: ... ==8638==AddressSanitizer CHECK failed: ../../../../src/libsanitizer/sanitizer_common/sanitizer_posix.cc:66 "(("unable to mmap" && 0)) != (0)" (0x0, 0x0) ``` [ref_id=1]
Generated on Jun 3, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
6- lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.htmlmitrevendor-advisoryx_refsource_SUSE
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/mitrevendor-advisoryx_refsource_FEDORA
- usn.ubuntu.com/4034-1/mitrevendor-advisoryx_refsource_UBUNTU
- github.com/ImageMagick/ImageMagick/issues/660mitrex_refsource_MISC
- lists.debian.org/debian-lts-announce/2020/09/msg00007.htmlmitremailing-listx_refsource_MLIST
News mentions
0No linked articles in our index yet.