VYPR
← All advisories
Unrated severityNVD Advisory· Published Dec 8, 2020· Updated Aug 4, 2024

CVE-2020-27757

CVE-2020-27757

Description

Floating point calculation in ImageMagick's ScaleAnyToQuantum() causes undefined behavior via crafted input, potentially impacting availability.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Floating point calculation in ImageMagick's ScaleAnyToQuantum() causes undefined behavior via crafted input, potentially impacting availability.

Vulnerability

The vulnerability is in the ScaleAnyToQuantum() function in /MagickCore/quantum-private.h. A floating point math calculation can produce a value outside the range of unsigned long long, leading to undefined behavior [1]. Affected versions are ImageMagick prior to 7.0.8-68.

Exploitation

An attacker could trigger this by providing a specially crafted input file processed by ImageMagick. No specific exploitation details are provided, but the flaw occurs under certain conditions during image processing [1].

Impact

Red Hat Product Security rated this as Low severity. While it could potentially impact application availability, no specific impact was demonstrated [1]. The undefined behavior may cause a crash or other unpredictable behavior.

Mitigation

The fix is included in ImageMagick version 7.0.8-68 and later [1]. Users should upgrade to that or a newer version. No workarounds are mentioned. Red Hat Enterprise Linux 5, 6, 7 are out of support scope [1].

References
  1. outside the range of representable values of type 'unsigned long long' at MagickCore/quantum-private.h

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

40

Patches

0

No patches discovered yet.

Vulnerability mechanics

Root cause

"A floating-point math calculation in ScaleAnyToQuantum() can produce a value outside the range of type unsigned long long, causing undefined behavior."

Attack vector

An attacker can craft a malicious input file that, when processed by ImageMagick, triggers the floating-point calculation in `ScaleAnyToQuantum()` to yield a value outside the range of `unsigned long long`. This undefined behavior could potentially impact application availability, though no specific exploit impact was demonstrated. The attack requires no special privileges beyond delivering the crafted file to the victim's ImageMagick processing pipeline [ref_id=1].

Affected code

The flaw resides in the `ScaleAnyToQuantum()` function within `/MagickCore/quantum-private.h`. A floating-point math calculation in this function can produce a value outside the representable range of `unsigned long long`, leading to undefined behavior. ImageMagick versions prior to 7.0.8-68 are affected [ref_id=1].

What the fix does

The advisory does not include a published patch diff. The recommended remediation is to update to ImageMagick version 7.0.8-68 or later, where the undefined behavior in `ScaleAnyToQuantum()` is addressed. Without the patch source, the exact fix is not visible, but it presumably adds bounds checking or adjusts the floating-point arithmetic to prevent out-of-range results [ref_id=1].

Preconditions

  • inputThe victim must process a crafted input file using an affected version of ImageMagick (prior to 7.0.8-68).
  • inputThe crafted file must trigger the ScaleAnyToQuantum() function under conditions that cause the floating-point calculation to overflow the unsigned long long type.

Generated on May 31, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

3

News mentions

0

No linked articles in our index yet.