CVE-2018-5357
Description
ImageMagick 7.0.7-22 Q16 has memory leaks in the ReadDCMImage function when processing malformed DICOM files, leading to denial of service.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
ImageMagick 7.0.7-22 Q16 has memory leaks in the ReadDCMImage function when processing malformed DICOM files, leading to denial of service.
Vulnerability
ImageMagick version 7.0.7-22 Q16 contains memory leaks in the ReadDCMImage function within coders/dcm.c. The leak occurs when processing specially crafted DICOM images, as demonstrated in the GitHub issue [2]. The vulnerability is triggered during image decoding, and the leaked memory can accumulate over repeated operations.
Exploitation
An attacker can exploit this vulnerability by providing a malformed DICOM image to a user or automated system that uses ImageMagick. No authentication or special privileges are required; the attacker only needs to trick the victim into opening the crafted file (e.g., via email, web upload, or automated processing). The memory leak is triggered during the ReadDCMImage call, as shown in the AddressSanitizer output [2].
Impact
Successful exploitation results in memory exhaustion, leading to a denial of service (DoS) condition. The application may crash or become unresponsive due to excessive memory consumption. The Ubuntu security notice [1] also notes that other ImageMagick vulnerabilities in the same update could lead to code execution, but for this specific CVE, the impact is limited to memory leaks and DoS.
Mitigation
The issue is fixed in ImageMagick versions after 7.0.7-22. Ubuntu users can update to the patched package versions listed in USN-3681-1 [1]. Users should upgrade ImageMagick to the latest available version. No workaround is provided; updating is the recommended mitigation.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
12- Range: 7.0.7-22
- osv-coords11 versionspkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP2pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP3
< 6.8.8.1-71.42.1+ 10 more
- (no CPE)range: < 6.8.8.1-71.42.1
- (no CPE)range: < 6.8.8.1-71.42.1
- (no CPE)range: < 6.8.8.1-71.42.1
- (no CPE)range: < 6.8.8.1-71.42.1
- (no CPE)range: < 6.8.8.1-71.42.1
- (no CPE)range: < 6.8.8.1-71.42.1
- (no CPE)range: < 6.8.8.1-71.42.1
- (no CPE)range: < 6.8.8.1-71.42.1
- (no CPE)range: < 6.8.8.1-71.42.1
- (no CPE)range: < 6.8.8.1-71.42.1
- (no CPE)range: < 6.8.8.1-71.42.1
Patches
0No patches discovered yet.
Vulnerability mechanics
Root cause
"The ReadDCMImage function in coders/dcm.c leaks memory when processing DCM images."
Attack vector
An attacker can trigger this vulnerability by providing a specially crafted DCM image file to ImageMagick. The `magick convert poc /dev/null` command demonstrates the memory leak when processing a file, as shown in the reference write-up [ref_id=1]. This leak occurs during the `ReadDCMImage` function's execution.
Affected code
The vulnerability resides in the `ReadDCMImage` function, located in the file `coders/dcm.c` within the ImageMagick source code. The memory leak is specifically tied to the execution path of this function during image processing.
What the fix does
The patch addresses a memory leak within the `ReadDCMImage` function in `coders/dcm.c`. The specific changes are not detailed in the provided information, but the leak was identified and reported, indicating that a fix would involve proper memory deallocation within that function to prevent the reported 168-byte leak.
Preconditions
- inputA specially crafted DCM image file.
Reproduction
The reference write-up provides a command that can be used to reproduce the issue: `magick convert poc /dev/null`. This command, when executed with a malicious DCM file, will trigger the memory leak detected by LeakSanitizer.
Generated on Jun 2, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
3- usn.ubuntu.com/3681-1/mitrevendor-advisoryx_refsource_UBUNTU
- www.securityfocus.com/bid/102497mitrevdb-entryx_refsource_BID
- github.com/ImageMagick/ImageMagick/issues/941mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.