CVE-2019-12978
Description
ImageMagick 7.0.8-34 has a use-of-uninitialized-value vulnerability in ReadPANGOImage that can cause undefined behavior.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
ImageMagick 7.0.8-34 has a use-of-uninitialized-value vulnerability in ReadPANGOImage that can cause undefined behavior.
Vulnerability
ImageMagick version 7.0.8-34 contains a use-of-uninitialized-value vulnerability in the ReadPANGOImage function in coders/pango.c [1]. The issue occurs when an image is acquired via AcquireImage and the SetImageBackgroundColor function is not called if image->columns or image->rows is zero, leaving pixel data uninitialized [1]. This code path is reachable when processing specially crafted images that trigger the PANGO decoder.
Exploitation
An attacker can exploit this vulnerability by providing a crafted image file to a victim using ImageMagick to process it. No authentication or special privileges are required beyond the ability to submit an image for processing. The vulnerability is triggered during image decoding when the PANGO code path is invoked and the image dimensions are zero, causing access to uninitialized memory.
Impact
Successful exploitation leads to undefined behavior due to reading uninitialized memory. This could result in denial of service (e.g., crash) or potential information disclosure if the uninitialized data is exposed. The severity depends on the context of the application using ImageMagick.
Mitigation
The vulnerability was addressed in later commits (e.g., 18df577 and f1fb781) [1]. Users should upgrade ImageMagick to a version after 7.0.8-34 that includes the fix. If upgrading is not immediately possible, avoid processing untrusted images with the PANGO decoder as a workaround.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
13- ImageMagick/ImageMagickdescription
- Range: =7.0.8-34
- osv-coords11 versionspkg:rpm/opensuse/ImageMagick&distro=openSUSE%20Leap%2015.0pkg:rpm/opensuse/ImageMagick&distro=openSUSE%20Leap%2015.1pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP4pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP1pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP1pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP4pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP4
< 7.0.7.34-lp151.7.9.1+ 10 more
- (no CPE)range: < 7.0.7.34-lp151.7.9.1
- (no CPE)range: < 7.0.7.34-lp151.7.9.1
- (no CPE)range: < 6.8.8.1-71.126.1
- (no CPE)range: < 7.0.7.34-3.67.1
- (no CPE)range: < 7.0.7.34-3.67.1
- (no CPE)range: < 7.0.7.34-3.67.1
- (no CPE)range: < 7.0.7.34-3.67.1
- (no CPE)range: < 6.8.8.1-71.126.1
- (no CPE)range: < 6.8.8.1-71.126.1
- (no CPE)range: < 6.8.8.1-71.126.1
- (no CPE)range: < 6.8.8.1-71.126.1
Patches
0No patches discovered yet.
Vulnerability mechanics
Root cause
"The ReadPANGOImage function fails to initialize image background properties when image dimensions are zero."
Attack vector
An attacker can trigger this vulnerability by providing a specially crafted input file that causes the ReadPANGOImage function to process an image with zero columns or rows [ref_id=1]. This leads to a use-of-uninitialized-value condition during image processing. The vulnerability is located within the coders/pango.c file [ref_id=1].
Affected code
The vulnerability is located in the ReadPANGOImage function within the coders/pango.c file [ref_id=1].
What the fix does
The advisory suggests that the vulnerability can be mitigated by calling SetImageBackgroundColor only when the condition image->columns != 0 and image->rows != 0 is satisfied [ref_id=1]. By ensuring that background properties are only set for valid image dimensions, the use of uninitialized values is prevented. The advisory does not specify if a formal patch has been applied to the codebase.
Preconditions
- inputThe attacker must provide an input file that results in an image with zero columns or rows during processing by ReadPANGOImage.
Generated on Jun 1, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
6- lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.htmlmitrevendor-advisoryx_refsource_SUSE
- usn.ubuntu.com/4192-1/mitrevendor-advisoryx_refsource_UBUNTU
- www.debian.org/security/2020/dsa-4712mitrevendor-advisoryx_refsource_DEBIAN
- www.securityfocus.com/bid/108913mitrevdb-entryx_refsource_BID
- github.com/ImageMagick/ImageMagick/issues/1519mitrex_refsource_MISC
- lists.debian.org/debian-lts-announce/2020/08/msg00030.htmlmitremailing-listx_refsource_MLIST
News mentions
0No linked articles in our index yet.