VYPR
Unrated severity · NVD Advisory · Published Dec 24, 2019 · Updated Aug 5, 2024

CVE-2019-19950


Description

A use-after-free vulnerability in GraphicsMagick's ThrowLoggedException can be triggered via a crafted image file, leading to potential denial of service or code execution.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.


Vulnerability

In GraphicsMagick 1.4 snapshot-20190403 Q8, a use-after-free vulnerability exists in the ThrowLoggedException function in magick/error.c. This occurs when processing a crafted image file that causes the WritePS2Image function (in coders/ps2.c) to invoke the error handling path, leading to a read from freed memory [1].

Exploitation

An attacker can trigger the vulnerability by providing a specially crafted image file and using the `gm convert` command to convert it to PS2 format (e.g., `gm convert $poc ./out.ps2`). No authentication or network access is required; the attack is local and depends on user interaction to process the malicious file [1].

Impact

Successful exploitation results in a heap-use-after-free, which can cause a crash (denial of service). In more sophisticated scenarios, an attacker may be able to achieve arbitrary code execution in the context of the GraphicsMagick process [1].

Mitigation

As of the publication date (December 24, 2019), no fix was available in the referenced bug report. Users should monitor for updates from the GraphicsMagick project and apply any patches when released. Until a fix is available, avoid processing untrusted image files with the affected version [1].

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

4

Patches

0

No patches discovered yet.

Vulnerability mechanics

Root cause

"A heap-use-after-free vulnerability exists in the error handling functions of GraphicsMagick."

Attack vector

An attacker can trigger this vulnerability by providing a specially crafted input file to the `gm convert` command. Processing the file leads to a use-after-free condition within the `ThrowLoggedException` function. This can be demonstrated with a command like `./gm convert $poc ./out.ps2`, where `$poc` is a malicious input file [1].

Affected code

The vulnerability resides in the `ThrowException` and `ThrowLoggedException` functions within the `magick/error.c` file. The call stack shows that `ThrowLoggedException` is involved in the error handling path, which is ultimately called during image processing, such as when writing a PS2 image (`coders/ps2.c`) [1].
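For crash triage, the check below is an added example (not code from the advisory or from the GraphicsMagick project) that parses an AddressSanitizer report and flags it when the faulting access matches the signature described here: a heap-use-after-free with `ThrowLoggedException` in `magick/error.c` on the access stack. It assumes the crash was captured from an ASan-instrumented build; the sample report is constructed, with placeholder addresses, paths and line numbers, and the names `parse_asan` and `matches_cve_2019_19950` are hypothetical.

```python
import re

# Constructed AddressSanitizer report for illustration only: addresses, build
# paths and line numbers are placeholders, not values from the bug report.
SAMPLE_REPORT = """\
==4242==ERROR: AddressSanitizer: heap-use-after-free on address 0x602000000010 at pc 0x000000400001 bp 0x7ffc00000000 sp 0x7ffc00000008
READ of size 1 at 0x602000000010 thread T0
    #0 0x400001 in ThrowLoggedException /build/magick/error.c:1:1
    #1 0x400002 in WritePS2Image /build/coders/ps2.c:1:1
    #2 0x400003 in main /build/utilities/gm.c:1:1
"""

HEADER = re.compile(r"ERROR: AddressSanitizer: (\S+) on address")
FRAME = re.compile(r"^\s*#(\d+) 0x[0-9a-f]+ in (\S+) (\S+)")


def parse_asan(report):
    """Return (error_type, access_stack). access_stack is the first backtrace
    in the report (the faulting access) as (function, location) tuples."""
    m = HEADER.search(report)
    error_type = m.group(1) if m else None
    stack, started = [], False
    for line in report.splitlines():
        frame = FRAME.match(line)
        if frame:
            started = True
            stack.append((frame.group(2), frame.group(3)))
        elif started:
            break  # first non-frame line ends the faulting-access backtrace
    return error_type, stack


def matches_cve_2019_19950(report):
    """True when the faulting access is a heap-use-after-free and
    ThrowLoggedException (magick/error.c) is on the access stack."""
    error_type, stack = parse_asan(report)
    if error_type != "heap-use-after-free":
        return False
    return any(fn == "ThrowLoggedException" and "magick/error.c" in loc
               for fn, loc in stack)


if __name__ == "__main__":
    print(matches_cve_2019_19950(SAMPLE_REPORT))
```

Only the first backtrace is inspected, so a report where `ThrowLoggedException` appears solely in the "freed by" or "previously allocated by" stacks is not flagged.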

What the fix does

The provided bundle does not contain information about a patch or specific remediation steps. The advisory indicates a heap-use-after-free in `ThrowLoggedException` of `magick/error.c` [1]. Without a patch or further details, the exact fix cannot be described.

Preconditions

  • input: A specially crafted input file that triggers the error handling path.
  • config: The affected version is GraphicsMagick 1.4 snapshot-20190403 Q8.

Reproduction

The reference write-up provides a command to reproduce the issue: `./graphicsmagick-code/utilities/gm convert $poc ./out.ps2`, where `$poc` is a malicious input file [1].

Generated on Jun 2, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
