CVE-2019-12975
Description
ImageMagick 7.0.8-34 has a memory leak in WriteDPXImage due to incomplete cleanup on write failure.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
ImageMagick 7.0.8-34 (and possibly earlier) contains a memory leak in WriteDPXImage within coders/dpx.c. The bug occurs when a write operation fails after pixel allocation: the loop breaks early but DestroyQuantumInfo and CloseBlob are only called after the loop, leaving the allocated pixels memory unreleased. Affected versions include 7.0.8-34; the issue was reported via GitHub issue #1517.
Exploitation
An attacker needs no special access; any user invoking ImageMagick's DPX writing (e.g., via convert or API) on a crafted image can trigger the leak. The failure condition arises when WriteBlob returns a count not equal to extent, causing an early loop exit. No race window or authentication required.
Impact
The memory leak gradually consumes heap, potentially leading to denial of service in long-running processes. No other CIA impact; privilege level remains unchanged.
Mitigation
A fix was committed in commit f1cc2e (see [1]). Users should upgrade to ImageMagick 7.0.8-35 or later. If unable to upgrade, monitor memory usage and limit DPX processing of untrusted images as a workaround.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products (13)
- ImageMagick/ImageMagick (description)
  - Range: = 7.0.8-34
- osv-coords (11 versions)
  - pkg:rpm/opensuse/ImageMagick&distro=openSUSE%20Leap%2015.0
  - pkg:rpm/opensuse/ImageMagick&distro=openSUSE%20Leap%2015.1
  - pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP4
  - pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015
  - pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP1
  - pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015
  - pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP1
  - pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4
  - pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4
  - pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP4
  - pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP4
- (no CPE) range: < 7.0.7.34-lp151.7.9.1
- (no CPE) range: < 7.0.7.34-lp151.7.9.1
- (no CPE) range: < 6.8.8.1-71.126.1
- (no CPE) range: < 7.0.7.34-3.67.1
- (no CPE) range: < 7.0.7.34-3.67.1
- (no CPE) range: < 7.0.7.34-3.67.1
- (no CPE) range: < 7.0.7.34-3.67.1
- (no CPE) range: < 6.8.8.1-71.126.1
- (no CPE) range: < 6.8.8.1-71.126.1
- (no CPE) range: < 6.8.8.1-71.126.1
- (no CPE) range: < 6.8.8.1-71.126.1
Patches
No patches discovered yet.
Vulnerability mechanics
Root cause
"The WriteDPXImage function fails to properly handle error conditions during the image writing loop, leading to a memory leak."
Attack vector
An attacker can trigger this vulnerability by providing a malformed image file that causes the WriteDPXImage function to exit the processing loop prematurely [ref_id=1]. When the loop breaks due to an error, the function fails to throw an exception, resulting in leaked memory [ref_id=1].
Affected code
The vulnerability is located in the WriteDPXImage function within the coders/dpx.c file [ref_id=1].
What the fix does
The advisory suggests that the function should explicitly call ThrowWriterException when the loop terminates before processing all image rows [ref_id=1]. This ensures that error states are properly handled and resources are cleaned up. The advisory notes that commit f1cc2eb provides the specific implementation details for this fix [ref_id=1].
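A simplified model of the pattern described under Vulnerability and What the fix does, added here as an example; it is not ImageMagick's code or the fix commit. The names xalloc, sink_write, write_rows_leaky and write_rows_fixed, the fixed-pool allocator and the short-writing sink are all constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed counting allocator standing in for the heap, so a leak is observable. */
static unsigned char pool[64];
static int live_allocs = 0;
static void *xalloc(size_t n) { if (n > sizeof pool) return NULL; live_allocs++; return pool; }
static void xfree(void *p) { if (p != NULL) live_allocs--; }

/* Constructed sink: accepts good_rows full rows, then short-writes (count != extent). */
typedef struct { size_t good_rows, seen; } Sink;
static size_t sink_write(Sink *s, const unsigned char *buf, size_t extent) {
  (void) buf;
  return (s->seen++ < s->good_rows) ? extent : extent / 2;
}

/* Before: cleanup sits on the success path only and the failure is not reported. */
static int write_rows_leaky(Sink *s, size_t rows, size_t extent) {
  unsigned char *pixels = xalloc(extent);
  size_t y;
  if (pixels == NULL) return -1;
  memset(pixels, 0, extent);
  for (y = 0; y < rows; y++)
    if (sink_write(s, pixels, extent) != extent) break;  /* early loop exit */
  if (y == rows) xfree(pixels);           /* skipped when the loop broke */
  return 0;                               /* caller sees success either way */
}

/* After: one exit path releases the buffer, and y < rows is turned into an error. */
static int write_rows_fixed(Sink *s, size_t rows, size_t extent) {
  unsigned char *pixels = xalloc(extent);
  size_t y;
  if (pixels == NULL) return -1;
  memset(pixels, 0, extent);
  for (y = 0; y < rows; y++)
    if (sink_write(s, pixels, extent) != extent) break;
  xfree(pixels);                          /* runs on success and on failure */
  return (y < rows) ? -1 : 0;
}

/* Allocations left behind by one 4-row call whose sink fails after good_rows rows. */
static int leaked_after(int (*fn)(Sink *, size_t, size_t), size_t good_rows) {
  Sink s = { good_rows, 0 };
  int before = live_allocs;
  (void) fn(&s, 4, sizeof pool);
  return live_allocs - before;
}

int main(void) {
  printf("leaky: %d left, fixed: %d left\n",
         leaked_after(write_rows_leaky, 2), leaked_after(write_rows_fixed, 2));
  return 0;
}
```

In a long-running service each failed write in the leaky form strands one buffer, which is the gradual heap growth described under Impact.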
Preconditions
- Input: The attacker must provide a specially crafted image file that triggers a failure during the WriteDPXImage processing loop.
Generated on Jun 1, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References (5)
- lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html (mitre, vendor-advisory, x_refsource_SUSE)
- usn.ubuntu.com/4192-1/ (mitre, vendor-advisory, x_refsource_UBUNTU)
- www.debian.org/security/2020/dsa-4712 (mitre, vendor-advisory, x_refsource_DEBIAN)
- www.securityfocus.com/bid/108913 (mitre, vdb-entry, x_refsource_BID)
- github.com/ImageMagick/ImageMagick/issues/1517 (mitre, x_refsource_MISC)