CVE-2019-16710
Description
ImageMagick 7.0.8-35 has a memory leak in coders/dot.c when processing DOT files via AcquireMagickMemory.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
ImageMagick 7.0.8-35 has a memory leak in coders/dot.c when processing DOT files via AcquireMagickMemory.
Vulnerability
ImageMagick version 7.0.8-35 contains a memory leak vulnerability in the coders/dot.c file. The leak occurs when the ReadDOTImage function calls AcquireMagickMemory (via AcquireCriticalMemory and AcquireImage) to allocate memory for an image structure but fails to properly free it under certain conditions. This is demonstrated by using the composite command on DOT files [1].
Exploitation
An attacker can trigger the memory leak by providing a crafted DOT image file as input to the magick composite command. No special privileges are required; the attacker only needs to convince the victim to process a malicious DOT file with an affected version of ImageMagick. The leak is reproducible on Linux systems using build flags that enable AddressSanitizer detection [1].
Impact
Repeated exploitation causes progressive memory exhaustion, which may lead to denial of service due to resource starvation. The vulnerability does not directly allow code execution or information disclosure beyond what is already available during normal image processing [1].
Mitigation
No official fix was released in the same version. The vendor was notified through a GitHub issue [1]. Users should upgrade to a version of ImageMagick later than 7.0.8-35 that includes memory management improvements, or consider restricting the processing of untrusted DOT files until a patch is applied.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
18- ImageMagick/ImageMagickdescription
- Range: = 7.0.8-35
- osv-coords16 versionspkg:rpm/opensuse/ImageMagick&distro=openSUSE%20Leap%2015.0pkg:rpm/opensuse/ImageMagick&distro=openSUSE%20Leap%2015.1pkg:rpm/opensuse/ImageMagick&distro=openSUSE%20Tumbleweedpkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP4pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP1pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP1pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP4pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP4pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP5
< 7.0.7.34-lp150.2.41.1+ 15 more
- (no CPE)range: < 7.0.7.34-lp150.2.41.1
- (no CPE)range: < 7.0.7.34-lp151.7.12.1
- (no CPE)range: < 7.1.0.9-1.1
- (no CPE)range: < 6.8.8.1-71.131.1
- (no CPE)range: < 7.0.7.34-3.72.1
- (no CPE)range: < 7.0.7.34-3.72.1
- (no CPE)range: < 7.0.7.34-3.72.1
- (no CPE)range: < 7.0.7.34-3.72.1
- (no CPE)range: < 6.8.8.1-71.131.1
- (no CPE)range: < 6.8.8.1-71.131.1
- (no CPE)range: < 6.8.8.1-71.131.1
- (no CPE)range: < 6.8.8.1-71.131.1
- (no CPE)range: < 6.8.8.1-71.131.1
- (no CPE)range: < 6.8.8.1-71.131.1
- (no CPE)range: < 6.8.8.1-71.131.1
- (no CPE)range: < 6.8.8.1-71.131.1
Patches
0No patches discovered yet.
Vulnerability mechanics
Root cause
"Memory leak in ReadDOTImage: an Image object is allocated via AcquireMagickMemory but never freed on certain code paths in coders/dot.c."
Attack vector
An attacker provides a crafted DOT file as input to ImageMagick's composite command (e.g., `./magick composite input1 input2 output.aai`). The ReadDOTImage function in coders/dot.c [ref_id=1] allocates memory via AcquireMagickMemory (called through AcquireImage) but fails to release that allocation on all exit paths, causing a memory leak. No special privileges or network access beyond supplying a malicious file are required.
Affected code
The leak occurs in ReadDOTImage in coders/dot.c at line 129 [ref_id=1], where AcquireImage allocates memory via AcquireMagickMemory (MagickCore/memory.c:478). The allocated Image object is not freed on all return paths.
What the fix does
No patch is included in the bundle. The advisory [ref_id=1] identifies the leak at coders/dot.c:129 in ReadDOTImage, where an Image is allocated but not freed before the function returns. A proper fix would ensure that the allocated Image object is freed (e.g., via DestroyImage) on every error or early-return path in ReadDOTImage, preventing the memory from leaking.
Preconditions
- inputAttacker must supply a crafted DOT file as input to ImageMagick.
- configThe composite command (or any command that triggers ReadDOTImage) must be invoked.
Generated on May 25, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
5- lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.htmlmitrevendor-advisoryx_refsource_SUSE
- lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.htmlmitrevendor-advisoryx_refsource_SUSE
- usn.ubuntu.com/4192-1/mitrevendor-advisoryx_refsource_UBUNTU
- www.debian.org/security/2020/dsa-4712mitrevendor-advisoryx_refsource_DEBIAN
- github.com/ImageMagick/ImageMagick/issues/1528mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.