CVE-2019-12979
Description
A use-of-uninitialized-value vulnerability in ImageMagick 7.0.8-34's SyncImageSettings function can lead to undefined behavior.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
ImageMagick 7.0.8-34 contains a use-of-uninitialized-value vulnerability in the SyncImageSettings function located in MagickCore/image.c [1]. The issue occurs when parsing density settings: the code unconditionally assigns geometry_info.rho and geometry_info.sigma to image->resolution.x and image->resolution.y without first checking the flags from ParseGeometry [1]. If the input density string does not provide rho or sigma values, the corresponding geometry_info fields remain uninitialized, leading to undefined behavior [1]. The affected version is 7.0.8-34; earlier versions may also be affected if they lack the proper fix [1].
Exploitation
An attacker would need to provide a crafted image or a malformed density string (e.g., an empty string or one lacking proper coordinate values) to trigger the code path in SyncImageSettings [1]. No special authentication or network position is required beyond the ability to process an image with ImageMagick (e.g., via a web upload service or command-line invocation). The uninitialized variable is read when the code executes the density assignment without validating the ParseGeometry flags [1].
Impact
Successful exploitation results in undefined behavior, potentially leading to information disclosure or a crash [1]. The uninitialized values may cause unexpected resolution values, which could affect downstream processing or expose memory contents through error messages or output images. The impact scope is limited to confidentiality and availability; code execution is not reported [1].
Mitigation
The vulnerability is fixed in ImageMagick version 7.0.8-35, released on June 22, 2019, via commit 56a19e7 [1]. Users should upgrade to version 7.0.8-35 or later. No workaround is documented, and the issue is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products (13)
- ImageMagick/ImageMagick (source: description)
- Range: =7.0.8-34
- osv-coords (11 versions):
  - pkg:rpm/opensuse/ImageMagick&distro=openSUSE%20Leap%2015.0
  - pkg:rpm/opensuse/ImageMagick&distro=openSUSE%20Leap%2015.1
  - pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP4
  - pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015
  - pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP1
  - pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015
  - pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP1
  - pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4
  - pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4
  - pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP4
  - pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP4
- (no CPE)range: < 7.0.7.34-lp151.7.9.1
- (no CPE)range: < 7.0.7.34-lp151.7.9.1
- (no CPE)range: < 6.8.8.1-71.126.1
- (no CPE)range: < 7.0.7.34-3.67.1
- (no CPE)range: < 7.0.7.34-3.67.1
- (no CPE)range: < 7.0.7.34-3.67.1
- (no CPE)range: < 7.0.7.34-3.67.1
- (no CPE)range: < 6.8.8.1-71.126.1
- (no CPE)range: < 6.8.8.1-71.126.1
- (no CPE)range: < 6.8.8.1-71.126.1
- (no CPE)range: < 6.8.8.1-71.126.1
Patches
No patches discovered yet.
Vulnerability mechanics
Root cause
"The SyncImageSettings function uses uninitialized values from the geometry_info structure when parsing image density."
Attack vector
An attacker can trigger this vulnerability by providing a crafted image file that influences the density settings processed by the application [1]. When SyncImageSettings is called, the application attempts to read values from the geometry_info structure before they are properly initialized or validated based on the flags returned by ParseGeometry. This leads to the use of uninitialized memory during the assignment of image resolution values.
Affected code
The vulnerability is located in the SyncImageSettings function within MagickCore/image.c [1]. The issue is also noted to be related to the AcquireImage function in magick/image.c.
What the fix does
The patch modifies the logic in SyncImageSettings to explicitly check for the presence of RhoValue and SigmaValue flags before assigning values to image resolution [1]. By verifying these flags, the code ensures that only initialized data from geometry_info is used to update the image resolution. This prevents the application from relying on uninitialized memory when the density geometry is incomplete or improperly formatted.
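The flag-checking pattern described above, as an added C sketch that is not ImageMagick's code: parse_geometry, the RHO_VALUE/SIGMA_VALUE flags, the struct types and the POISON marker are hypothetical stand-ins. POISON pre-fills the struct so the stale read is observable without relying on undefined behavior.

```c
#include <stdio.h>
#include <stdlib.h>
/* Stand-ins for ImageMagick's RhoValue/SigmaValue flags and GeometryInfo;
   names and values are hypothetical, not the library's definitions. */
enum { RHO_VALUE = 1, SIGMA_VALUE = 2 };
#define POISON (-12345.0)  /* constructed marker for "never written" */
typedef struct { double rho, sigma; } geometry_info_t;
typedef struct { double x, y; } resolution_t;

/* Simplified "RHOxSIGMA" parser: writes only the fields it finds and
   reports which ones through the returned flags. */
static unsigned parse_geometry(const char *s, geometry_info_t *g)
{
    unsigned flags = 0;
    char *end;
    double v = strtod(s, &end);
    if (end != s) { g->rho = v; flags |= RHO_VALUE; }
    if (*end == 'x') {
        const char *p = end + 1;
        v = strtod(p, &end);
        if (end != p) { g->sigma = v; flags |= SIGMA_VALUE; }
    }
    return flags;
}

/* Pre-fix pattern: copies both fields whatever the parser reported. */
static void sync_density_unchecked(const char *density, resolution_t *r)
{
    geometry_info_t g = { POISON, POISON };  /* models stale stack contents */
    (void) parse_geometry(density, &g);
    r->x = g.rho;
    r->y = g.sigma;
}

/* Post-fix pattern: a field is used only when its flag is set. */
static void sync_density_checked(const char *density, resolution_t *r)
{
    geometry_info_t g = { 0.0, 0.0 };
    unsigned flags = parse_geometry(density, &g);
    if (flags & RHO_VALUE) r->x = g.rho;
    if (flags & SIGMA_VALUE) r->y = g.sigma;
}

int main(void)
{
    resolution_t a = { 72.0, 72.0 }, b = { 72.0, 72.0 };
    sync_density_unchecked("", &a);  /* empty density: both fields stale */
    sync_density_checked("", &b);    /* empty density: resolution kept */
    printf("unchecked %g x %g, checked %g x %g\n", a.x, a.y, b.x, b.y);
    return 0;
}
```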
Preconditions
- Input: The application must process a crafted image file that triggers the density parsing logic in SyncImageSettings.
Generated on Jun 1, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References (6)
- lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html (mitre, vendor-advisory, x_refsource_SUSE)
- usn.ubuntu.com/4192-1/ (mitre, vendor-advisory, x_refsource_UBUNTU)
- www.debian.org/security/2020/dsa-4712 (mitre, vendor-advisory, x_refsource_DEBIAN)
- www.securityfocus.com/bid/108913 (mitre, vdb-entry, x_refsource_BID)
- github.com/ImageMagick/ImageMagick/issues/1522 (mitre, x_refsource_MISC)
- lists.debian.org/debian-lts-announce/2020/08/msg00030.html (mitre, mailing-list, x_refsource_MLIST)