VYPR
Unrated severity · NVD Advisory · Published Mar 9, 2021 · Updated Aug 3, 2024

CVE-2021-20244

Description

ImageMagick divide-by-zero in ImplodeImage crashes the process when a crafted image with zero rows/columns is processed.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability

The vulnerability is a divide-by-zero flaw in the ImplodeImage() function in MagickCore/visual-effects.c within ImageMagick. If a crafted image is processed that sets image attributes such as rows or columns to zero (or other values triggering the division path), the code reaches division operations that result in undefined behavior. Versions before the patch are affected [1][2].

Exploitation

An attacker needs to submit a crafted image file that causes ImageMagick to call the ImplodeImage() routine. No special privileges are required; the image must be processed by the vulnerable ImageMagick installation. The division by zero occurs when the code attempts to compute reciprocals without checking for zero-valued attributes [2].

Impact

Successful exploitation causes undefined behavior, most likely leading to an application denial of service (crash) that impacts system availability. The flaw is classified as a divide-by-zero vulnerability whose CVSS severity is driven primarily by the threat to availability [2].

Mitigation

A fix was provided in upstream pull request #3194, which replaced division operations with the PerceptibleReciprocal() routine [1]. Users should update to a version of ImageMagick that includes this patch. As of the advisory, the fix is available via the repository, and affected distributions (e.g., epel-8, fedora-all) have tracking bugs [2]. No documented workarounds exist other than applying the patch.

AI Insight generated on May 24, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

16

Patches

2
35b4991eb093

...

1 file changed · +1 −1
  • ChangeLog +1 −1 modified
    @@ -1,5 +1,5 @@
     2021-02-07  7.0.10-62  <quetzlzacatenango@image...>
    -  * Release ImageMagick version 7.0.10-62 GIT revision 18416:e709dd485:20210207
    +  * Release ImageMagick version 7.0.10-62 GIT revision 18418:f1e915f65:20210207
     
     2021-02-01  7.0.10-62  <quetzlzacatenango@image...>
       * -trim not working as expected (reference
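
Review bot: No entry under the 2021-02-07 release line records what the new revision contains; the only change is the GIT revision string (18416:e709dd485 to 18418:f1e915f65), so a reader of the ChangeLog cannot tell from this hunk which fixes the release carries. Suggest adding a short item in the same style as the "-trim not working as expected (reference" entry below it, naming the change and its reference.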
    
329dd528ab79

uses the PerceptibleReciprocal() to prevent the divide-by-zero from occurring (#3194)

https://github.com/imagemagick/imagemagick · ruc_zhangxiaohui · Feb 3, 2021 · via body-scan
1 file changed · +5 −5
  • MagickCore/visual-effects.c +5 −5 modified
    @@ -1005,11 +1005,11 @@ MagickExport Image *ImplodeImage(const Image *image,const double amount,
       center.y=0.5*canvas_image->rows;
       radius=center.x;
       if (canvas_image->columns > canvas_image->rows)
    -    scale.y=(double) canvas_image->columns/(double) canvas_image->rows;
    +    scale.y=(double) canvas_image->columns*PerceptibleReciprocal((double) canvas_image->rows);
       else
         if (canvas_image->columns < canvas_image->rows)
           {
    -        scale.x=(double) canvas_image->rows/(double) canvas_image->columns;
    +        scale.x=(double) canvas_image->rows*PerceptibleReciprocal((double) canvas_image->columns);
             radius=center.y;
           }
       /*
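
Review bot: The `scale.y` and `scale.x` assignments still run on a canvas whose `rows` or `columns` is zero; the reciprocal guard removes the division but the resulting scale no longer corresponds to any real image geometry, and `center.y` and `radius` are derived from the same zero dimension. An explicit check on `canvas_image->columns` and `canvas_image->rows` before this block, with an early error return, would state the precondition directly instead of letting a degenerate canvas proceed with a substituted value.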
    @@ -1085,10 +1085,10 @@ MagickExport Image *ImplodeImage(const Image *image,const double amount,
               */
               factor=1.0;
               if (distance > 0.0)
    -            factor=pow(sin(MagickPI*sqrt((double) distance)/radius/2),-amount);
    +            factor=pow(sin(MagickPI*sqrt((double) distance)*PerceptibleReciprocal(radius)/2),-amount);
               status=InterpolatePixelChannels(canvas_image,interpolate_view,
    -            implode_image,method,(double) (factor*delta.x/scale.x+center.x),
    -            (double) (factor*delta.y/scale.y+center.y),q,exception);
    +            implode_image,method,(double) (factor*delta.x*PerceptibleReciprocal(scale.x)+center.x),
    +            (double) (factor*delta.y*PerceptibleReciprocal(scale.y)+center.y),q,exception);
               if (status == MagickFalse)
                 break;
             }
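
Review bot: `factor` is still passed on unchecked after the `pow(sin(...),-amount)` line: the divisors are guarded, but if the `sin()` term evaluates to zero and `amount` is positive, `pow()` returns a non-finite value that flows into both coordinates given to `InterpolatePixelChannels()`. Consider validating `factor` before the call. Separately, `PerceptibleReciprocal(radius)`, `PerceptibleReciprocal(scale.x)` and `PerceptibleReciprocal(scale.y)` do not depend on the current pixel in the lines shown, so they could be computed once ahead of this block rather than on every pass.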
    

Vulnerability mechanics

Root cause

"Missing safe reciprocal handling in ImplodeImage() allows division by zero when image attributes are set to zero."

Attack vector

An attacker submits a crafted image file that, when processed by ImageMagick, causes the `ImplodeImage()` function to divide by zero [ref_id=1]. The crafted image sets attributes such as rows, columns, or radius to zero, triggering undefined behavior in the form of a math division by zero [ref_id=1]. The highest threat from this vulnerability is to system availability, though other undefined behavior could potentially occur [ref_id=1].

Affected code

The vulnerability resides in `MagickCore/visual-effects.c` within the `ImplodeImage()` function [ref_id=1]. Five division operations in this routine could trigger a divide-by-zero when processing a crafted image that sets image rows, columns, or related attributes to zero [ref_id=1].

What the fix does

The patch [patch_id=2271428] replaces five direct division operations in `ImplodeImage()` with multiplication by `PerceptibleReciprocal()`. This function returns a safe reciprocal value (typically zero) when the divisor would be zero, preventing the divide-by-zero undefined behavior [patch_id=2271428]. The change affects the calculation of `scale.y`, `scale.x`, the `factor` computation, and the coordinate interpolation for `delta.x` and `delta.y` [patch_id=2271428].
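
To make the effect of that substitution concrete, the following added example (not ImageMagick's code and not part of the patch) contrasts the pre-patch and post-patch shape of the `scale.y` computation on a constructed zero-row canvas. `guarded_reciprocal`, `EXAMPLE_EPSILON` and the `scale_y_*` helpers are hypothetical names, and the epsilon clamp is an assumption about how such a guard behaves.

```c
#include <float.h>
#include <stddef.h>
#include <stdio.h>

#define EXAMPLE_EPSILON 1.0e-12 /* assumed clamp threshold for this example */

/* Hypothetical guarded reciprocal: divisors whose magnitude is below
   EXAMPLE_EPSILON are clamped, so no division by zero is performed. */
static double guarded_reciprocal(double x)
{
  double sign = x < 0.0 ? -1.0 : 1.0;

  if (sign * x >= EXAMPLE_EPSILON)
    return 1.0 / x;
  return sign / EXAMPLE_EPSILON;
}

/* Pre-patch shape: plain division. With rows == 0 this divides by zero;
   IEEE 754 hardware returns infinity instead of a usable scale. */
static double scale_y_before(size_t columns, size_t rows)
{
  if (columns > rows)
    return (double) columns / (double) rows;
  return 1.0;
}

/* Post-patch shape: multiply by the guarded reciprocal instead. */
static double scale_y_after(size_t columns, size_t rows)
{
  if (columns > rows)
    return (double) columns * guarded_reciprocal((double) rows);
  return 1.0;
}

int main(void)
{
  /* Constructed dimensions: a normal canvas and one with zero rows. */
  printf("640x480 before=%g after=%g\n",
         scale_y_before(640, 480), scale_y_after(640, 480));
  printf("640x0   before=%g after=%g finite=%d\n",
         scale_y_before(640, 0), scale_y_after(640, 0),
         scale_y_after(640, 0) <= DBL_MAX);
  return 0;
}
```

With the assumed clamp, the guarded result for zero rows is finite but very large, so code that needs a geometrically meaningful scale should still validate the image dimensions first.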

Preconditions

  • input: The attacker must supply a crafted image file that sets image rows, columns, or radius to zero
  • input: The crafted image must be processed by ImageMagick's ImplodeImage() routine

Generated on May 24, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

4
