CVE-2020-27756
Description
Divide-by-zero in ParseMetaGeometry() of ImageMagick prior to 7.0.9-0 can cause undefined behavior and denial of service via crafted input.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
A divide-by-zero vulnerability exists in the ParseMetaGeometry() function in MagickCore/geometry.c of ImageMagick. The image height and width calculations can lead to division by zero, resulting in undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0 [1]. The patch uses multiplication in addition to the function PerceptibleReciprocal() to prevent such divide-by-zero conditions [1].
Exploitation
An attacker can trigger the vulnerability by providing a specially crafted input file to ImageMagick for processing. No authentication or special network position is required; the attacker only needs to supply the malicious file to the application using ImageMagick [1].
Impact
Successful exploitation results in undefined behavior, which can lead to application crash and denial of service, impacting availability [1]. The confidentiality and integrity of data are not directly compromised per the available information.
Mitigation
The fix is included in ImageMagick version 7.0.9-0 [1]. Users should upgrade to at least this version. For Red Hat Enterprise Linux 5, 6, and 7, this flaw is out of support scope [1]. Inkscape is not affected because it no longer uses a bundled ImageMagick in Red Hat Enterprise Linux 8 [1]. If an immediate upgrade is not possible, ensure that untrusted input files are not processed with ImageMagick.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Range: <7.0.9-0
- osv-coords, 19 versions:
  - pkg:rpm/opensuse/ImageMagick&distro=openSUSE%20Leap%2015.1 (no CPE), range: < 7.0.7.34-lp151.7.26.1
  - pkg:rpm/opensuse/ImageMagick&distro=openSUSE%20Leap%2015.2 (no CPE), range: < 7.0.7.34-lp152.12.9.1
  - pkg:rpm/suse/ImageMagick&distro=SUSE%20Enterprise%20Storage%206 (no CPE), range: < 7.0.7.34-3.90.1
  - pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-ESPOS (no CPE), range: < 7.0.7.34-3.90.1
  - pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSS (no CPE), range: < 7.0.7.34-3.90.1
  - pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOS (no CPE), range: < 7.0.7.34-3.90.1
  - pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSS (no CPE), range: < 7.0.7.34-3.90.1
  - pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP1 (no CPE), range: < 7.0.7.34-3.90.1
  - pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP2 (no CPE), range: < 7.0.7.34-10.9.1
  - pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP1 (no CPE), range: < 7.0.7.34-3.90.1
  - pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP2 (no CPE), range: < 7.0.7.34-10.9.1
  - pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-BCL (no CPE), range: < 7.0.7.34-3.90.1
  - pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSS (no CPE), range: < 7.0.7.34-3.90.1
  - pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%2015-LTSS (no CPE), range: < 7.0.7.34-3.90.1
  - pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015 (no CPE), range: < 7.0.7.34-3.90.1
  - pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1 (no CPE), range: < 7.0.7.34-3.90.1
  - pkg:rpm/suse/ImageMagick&distro=SUSE%20Manager%20Proxy%204.0 (no CPE), range: < 7.0.7.34-3.90.1
  - pkg:rpm/suse/ImageMagick&distro=SUSE%20Manager%20Retail%20Branch%20Server%204.0 (no CPE), range: < 7.0.7.34-3.90.1
  - pkg:rpm/suse/ImageMagick&distro=SUSE%20Manager%20Server%204.0 (no CPE), range: < 7.0.7.34-3.90.1
Patches
No patches discovered yet.
Vulnerability mechanics
Root cause
"Missing guard against zero-valued denominators in image height and width calculations within ParseMetaGeometry() leads to divide-by-zero undefined behavior."
Attack vector
An attacker supplies a crafted input file that, when processed by ImageMagick, triggers a divide-by-zero condition in `ParseMetaGeometry()` [ref_id=1]. The flaw does not require authentication; the attacker only needs to deliver the malicious file to a victim or service that uses ImageMagick to parse image geometry. The resulting undefined behavior can impact application availability.
Affected code
The vulnerability resides in `ParseMetaGeometry()` within `MagickCore/geometry.c` [ref_id=1]. Image height and width calculations in this function can lead to divide-by-zero conditions.
What the fix does
The patch modifies the calculations in `ParseMetaGeometry()` to use multiplication combined with the `PerceptibleReciprocal()` function [ref_id=1]. This prevents the denominator from becoming zero, thereby eliminating the divide-by-zero condition and the associated undefined behavior.
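The guard pattern described above, as an added example that is not ImageMagick's source: a width/height calculation that divides directly, beside the same calculation rewritten as multiplication by a clamped reciprocal. The function names, the `EPSILON` threshold and the sample dimensions are assumptions made for illustration.

```c
#include <math.h>
#include <stdio.h>

/* Assumed threshold for "too close to zero"; ImageMagick's constant may differ. */
#define EPSILON 1.0e-12

/* Reciprocal clamped so the divisor is never nearer to zero than EPSILON. */
double perceptible_reciprocal(double x)
{
  double sign = x < 0.0 ? -1.0 : 1.0;
  if (sign * x >= EPSILON)
    return 1.0 / x;
  return sign / EPSILON;
}

/* "Before" pattern: the divisor comes straight from parsed input.
   height == 0 makes this a floating-point divide by zero (undefined in ISO C). */
double aspect_unguarded(size_t width, size_t height)
{
  return (double) width / (double) height;
}

/* "After" pattern: multiply by the clamped reciprocal; no divisor can be zero. */
double aspect_guarded(size_t width, size_t height)
{
  return (double) width * perceptible_reciprocal((double) height);
}

/* Scale factor that fits (width x height) inside (max_w x max_h), guarded. */
double fit_scale_guarded(size_t width, size_t height, size_t max_w, size_t max_h)
{
  double sx = (double) max_w * perceptible_reciprocal((double) width);
  double sy = (double) max_h * perceptible_reciprocal((double) height);
  return sx < sy ? sx : sy;
}

int main(void)
{
  /* Constructed dimensions; the last two carry a zero that input could supply. */
  size_t dims[][2] = { {640, 480}, {640, 0}, {0, 0} };
  for (size_t i = 0; i < sizeof dims / sizeof dims[0]; i++)
    printf("%zux%zu aspect=%g fit=%g\n", dims[i][0], dims[i][1],
           aspect_guarded(dims[i][0], dims[i][1]),
           fit_scale_guarded(dims[i][0], dims[i][1], 320, 240));
  return 0;
}
```

The guarded form returns a very large but finite value for a zero dimension, so callers that need meaningful geometry should still reject zero width or height before using the result.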
Preconditions
- input: The victim or service must process a crafted input file using ImageMagick.
- auth: No authentication is required; the attacker only needs to deliver the malicious file.
Generated on May 31, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
News mentions
No linked articles in our index yet.