CVE-2020-21679
Description
A heap-buffer-overflow in GraphicsMagick's WritePCXImage function allows denial of service when converting crafted images to PCX format.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A heap-buffer-overflow in GraphicsMagick's WritePCXImage function allows denial of service when converting crafted images to PCX format.
Vulnerability
The WritePCXImage function in pcx.c in GraphicsMagick 1.4 contains a heap-buffer-overflow vulnerability. An integer underflow or miscalculated write leads to an out-of-bounds write at pcx.c:1255 when processing a carefully crafted image during conversion to the PCX format. This occurs when the gm utility or library attempts to write PCX output, affecting all versions of GraphicsMagick 1.4 and potentially earlier releases [1].
Exploitation
An attacker can trigger the vulnerability by providing a crafted image file (e.g., a malicious PNG, JPEG, or other supported format) and invoking a conversion to PCX using GraphicsMagick's convert command or equivalent API. No special authentication or network access is required if the attacker can supply the image file to a process that converts it. The bug is reachable through the normal image read-write pipeline without any additional configuration [1].
Impact
A successful exploit causes a heap-buffer-overflow that can corrupt memory, leading to a denial of service (crash) of the GraphicsMagick process. While the referenced advisory demonstrates a write overflow of size 1, the crash is reliably reproducible. Under certain conditions, the overflow might be leveraged for arbitrary code execution, though the reference does not demonstrate this; the primary impact is denial of service [1].
Mitigation
GraphicsMagick version 1.3.36 was released on 2021-06-14 and includes a fix for this issue. Users should upgrade to version 1.3.36 or later. For systems where an immediate upgrade is not feasible, restricting image conversion to trusted sources and avoiding the PCX output format can reduce risk. This vulnerability is not listed on the CISA Known Exploited Vulnerabilities (KEV) catalog [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
10(expand)+ 1 more
- (no CPE)
- (no CPE)range: =1.4
- osv-coords8 versionspkg:rpm/opensuse/ImageMagick&distro=openSUSE%20Leap%2015.4pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSSpkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSSpkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP5
< 7.0.7.34-150200.10.54.1+ 7 more
- (no CPE)range: < 7.0.7.34-150200.10.54.1
- (no CPE)range: < 7.0.7.34-150000.3.123.1
- (no CPE)range: < 6.8.8.1-71.198.1
- (no CPE)range: < 7.0.7.34-150000.3.123.1
- (no CPE)range: < 6.8.8.1-71.198.1
- (no CPE)range: < 7.0.7.34-150000.3.123.1
- (no CPE)range: < 6.8.8.1-71.198.1
- (no CPE)range: < 6.8.8.1-71.198.1
Patches
0No patches discovered yet.
Vulnerability mechanics
Root cause
"A heap-buffer-overflow occurs in the WritePCXImage function when converting a crafted image file to PCX format."
Attack vector
A remote attacker can trigger this vulnerability by providing a specially crafted image file to the GraphicsMagick conversion utility. The utility then processes this image, leading to the buffer overflow during the PCX image writing phase. This overflow can cause the application to crash, resulting in a denial of service. The vulnerability was identified in GraphicsMagick version 1.4 [ref_id=1].
Affected code
The vulnerability resides in the `WritePCXImage` function located in the `pcx.c` file. Specifically, the issue is at line 1255, where a heap-buffer-overflow occurs during the writing process. The overflow is triggered when converting an image to PCX format [ref_id=1].
What the fix does
The patch addresses a heap-buffer-overflow in the `WritePCXImage` function within `pcx.c`. The vulnerability occurs at line 1255, where a write operation of size 1 happens at an out-of-bounds address [ref_id=1]. The exact fix is not detailed in the provided information, but it aims to correct the memory handling during the PCX image writing process to prevent the overflow.
Preconditions
- inputA crafted image file that exploits the buffer overflow vulnerability.
Reproduction
The provided ASAN log details the crash and points to the `WritePCXImage` function in `pcx.c` at line 1255 as the source of the heap-buffer-overflow [ref_id=1]. The log also shows the call stack, indicating that the vulnerability is triggered during image conversion via the `ConvertImageCommand` function [ref_id=1].
Generated on Jun 6, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
1News mentions
0No linked articles in our index yet.