VYPR
High severity · NVD Advisory · Published Mar 9, 2026 · Updated Mar 11, 2026

ImageMagick has an integer overflow in the DIB coder that can result in an out-of-bounds read or write

CVE-2026-28693

Description

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, an integer overflow in the DIB coder can result in an out-of-bounds read or write. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Integer overflow in ImageMagick's DIB coder allows out-of-bounds read/write, potentially leading to code execution or information disclosure.

Vulnerability

Overview

An integer overflow vulnerability exists in the DIB (Device Independent Bitmap) coder of ImageMagick, a widely used image processing suite. The flaw occurs when handling specially crafted DIB images, where arithmetic operations on image dimensions or buffer sizes can overflow, leading to undersized memory allocations. This results in out-of-bounds read or write operations when the image data is processed [2][4].

Exploitation

An attacker can exploit this vulnerability by providing a malicious DIB image to an application that uses ImageMagick to process user-supplied images. No authentication is required, and the attack can be performed remotely over a network if the application accepts image uploads or processes images from untrusted sources. The complexity of the attack is low, as the crafted image can be constructed without special privileges [4].

Impact

Successful exploitation can lead to memory corruption, potentially allowing an attacker to read sensitive information from memory (confidentiality breach) or write arbitrary data, which may result in code execution or denial of service. The out-of-bounds access can corrupt adjacent memory structures, affecting the integrity and availability of the affected system [2][4].

Mitigation

The vulnerability is fixed in ImageMagick versions 7.1.2-16 and 6.9.13-41, released on 2026-03-08 [2][3]. Users are strongly advised to update to these patched versions. As a workaround, administrators can implement security policies to restrict processing of DIB images or disable the DIB coder if not needed [1]. The fix is also included in downstream libraries such as Magick.NET 14.10.4 [3].
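As an added example (not part of the advisory or of ImageMagick's own code), the workaround above can be expressed as a coder-domain rule in ImageMagick's policy.xml and audited on a host before it is relied on. The two policy excerpts are constructed, and the last-matching-rule precedence is an assumption of this audit script:

```python
import fnmatch
import xml.etree.ElementTree as ET

# Constructed policy.xml excerpt implementing the advisory's workaround:
# a coder-domain rule with rights="none" denies the DIB coder outright.
POLICY_XML_HARDENED = """<policymap>
  <policy domain="resource" name="memory" value="256MiB"/>
  <policy domain="coder" rights="none" pattern="DIB"/>
</policymap>"""

# Constructed excerpt with no coder rule: DIB input is still decoded.
POLICY_XML_DEFAULT = """<policymap>
  <policy domain="resource" name="memory" value="256MiB"/>
</policymap>"""


def _expand_braces(pattern):
    """Expand the {A,B,C} list form used in policy patterns into single globs."""
    if pattern.startswith("{") and pattern.endswith("}"):
        return [p.strip() for p in pattern[1:-1].split(",")]
    return [pattern]


def coder_rights(policy_xml, coder):
    """Rights the coder-domain rules grant to `coder`, or None if no rule matches.

    Assumption of this audit: when several rules match, the last one in file
    order wins. Coder names are compared case-insensitively."""
    rights = None
    for rule in ET.fromstring(policy_xml).iter("policy"):
        if rule.get("domain", "").lower() != "coder":
            continue
        for glob in _expand_braces(rule.get("pattern", "")):
            if fnmatch.fnmatchcase(coder.upper(), glob.upper()):
                rights = rule.get("rights", "").lower()
    return rights


def dib_coder_blocked(policy_xml):
    """True when the policy denies the DIB coder entirely (rights="none")."""
    return coder_rights(policy_xml, "DIB") == "none"


if __name__ == "__main__":
    for label, xml in (("hardened", POLICY_XML_HARDENED), ("default", POLICY_XML_DEFAULT)):
        print(f"{label}: DIB coder blocked = {dib_coder_blocked(xml)}")
```

On a real host, `convert -list policy` reports which policy.xml files ImageMagick actually loaded; feed that file's contents to dib_coder_blocked rather than the constructed excerpts.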

AI Insight generated on May 18, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package                              Ecosystem   Affected versions   Patched versions
Magick.NET-Q16-AnyCPU                NuGet       < 14.10.4           14.10.4
Magick.NET-Q16-HDRI-AnyCPU           NuGet       < 14.10.4           14.10.4
Magick.NET-Q16-HDRI-OpenMP-arm64     NuGet       < 14.10.4           14.10.4
Magick.NET-Q16-HDRI-arm64            NuGet       < 14.10.4           14.10.4
Magick.NET-Q16-HDRI-x64              NuGet       < 14.10.4           14.10.4
Magick.NET-Q16-HDRI-x86              NuGet       < 14.10.4           14.10.4
Magick.NET-Q16-OpenMP-arm64          NuGet       < 14.10.4           14.10.4
Magick.NET-Q16-OpenMP-x64            NuGet       < 14.10.4           14.10.4
Magick.NET-Q16-OpenMP-x86            NuGet       < 14.10.4           14.10.4
Magick.NET-Q16-arm64                 NuGet       < 14.10.4           14.10.4
Magick.NET-Q16-x64                   NuGet       < 14.10.4           14.10.4
Magick.NET-Q16-x86                   NuGet       < 14.10.4           14.10.4
Magick.NET-Q16-HDRI-OpenMP-x64       NuGet       < 14.10.4           14.10.4
Magick.NET-Q8-AnyCPU                 NuGet       < 14.10.4           14.10.4
Magick.NET-Q8-OpenMP-arm64           NuGet       < 14.10.4           14.10.4
Magick.NET-Q8-OpenMP-x64             NuGet       < 14.10.4           14.10.4
Magick.NET-Q8-arm64                  NuGet       < 14.10.4           14.10.4
Magick.NET-Q8-x64                    NuGet       < 14.10.4           14.10.4
Magick.NET-Q8-x86                    NuGet       < 14.10.4           14.10.4

Affected products (2)

  • ImageMagick/ImageMagick (llm-fuzzy match), 2 version ranges
    • (no CPE) range: <7.1.2-16, <6.9.13-41
    • (no CPE) range: >= 7.0.0, < 7.1.2-16

Patches (0)

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References (4)

News mentions (0)

No linked articles in our index yet.