CVE-2025-57803
BaseFortify

Publication date: 2025-08-26

Last updated on: 2025-11-03

Assigner: GitHub, Inc.

Description
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-28 and 7.1.2-2 for ImageMagick's 32-bit build, a 32-bit integer overflow in the BMP encoder’s scanline-stride computation collapses bytes_per_line (stride) to a tiny value while the per-row writer still emits 3 × width bytes for 24-bpp images. The row base pointer advances using the (overflowed) stride, so the first row immediately writes past its slot and into adjacent heap memory with attacker-controlled bytes. This is a classic, powerful primitive for heap corruption in common auto-convert pipelines. This issue has been patched in versions 6.9.13-28 and 7.1.2-2.
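The arithmetic described above, as an added example (not ImageMagick's source or its patch): it applies the standard BMP row-stride formula, rows padded to 4 bytes, with uint32_t standing in for a 32-bit size_t, and contrasts the wrapping computation with a widened, range-checked one. The function names and sample dimensions are constructed for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Assumption: uint32_t models size_t on a 32-bit build. */

/* Standard BMP stride (rows padded to 4 bytes), all in 32-bit arithmetic. */
static uint32_t stride_unchecked(uint32_t width, uint32_t bpp)
{
    return 4u * ((width * bpp + 31u) / 32u); /* width*bpp wraps modulo 2^32 */
}

/* Invariant the row writer depends on: one row's pixels fit in one stride. */
static bool row_fits(uint32_t width, uint32_t bpp, uint32_t stride)
{
    return ((uint64_t)width * bpp + 7u) / 8u <= stride;
}

/* Hardened form: widen to 64 bits, then reject a stride or a total pixel
   buffer size that a 32-bit size_t cannot represent. */
static bool layout_checked(uint32_t width, uint32_t height, uint32_t bpp,
                           uint32_t *stride, uint32_t *total)
{
    uint64_t s = 4u * (((uint64_t)width * bpp + 31u) / 32u);
    if (s > UINT32_MAX || s * height > UINT32_MAX)
        return false;
    *stride = (uint32_t)s;
    *total = (uint32_t)(s * height);
    return true;
}

int main(void)
{
    /* Constructed sample dimensions: an ordinary width and one past 2^32/24. */
    const uint32_t widths[] = { 640u, 178956971u };
    for (int i = 0; i < 2; i++) {
        uint32_t w = widths[i], s = 0, t = 0;
        uint32_t u = stride_unchecked(w, 24u);
        bool ok = layout_checked(w, 1u, 24u, &s, &t);
        printf("width=%u unchecked=%u row_fits=%d checked=%s stride=%u\n",
               (unsigned)w, (unsigned)u, row_fits(w, 24u, u),
               ok ? "ok" : "rejected", (unsigned)s);
    }
    return 0;
}
```

For the large constructed width the wrapped stride is smaller than a single row's payload, which is the mismatch the description attributes to the encoder; the widened computation either yields a stride that holds the row or rejects the dimensions.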
Meta Information
Published: 2025-08-26
Last Modified: 2025-11-03
Generated: 2026-05-07
AI Q&A: 2025-08-26
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
imagemagick imagemagick From 7.0.11-13 (inc) to 7.1.1-36 (inc)
imagemagick imagemagick From 7.0.11-13 (inc) to 7.1.1-36 (inc)
CWE ID Description
CWE-122 A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().
CWE-190 The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is a 32-bit integer overflow in the BMP encoder of ImageMagick's 32-bit build. It causes the calculation of bytes_per_line (stride) to overflow and become a very small value, while the encoder still writes 3 times the image width bytes per row for 24-bpp images. As a result, the row base pointer advances incorrectly, causing the first row to write beyond its allocated memory into adjacent heap memory with attacker-controlled data. This leads to heap corruption and can be exploited in image auto-conversion pipelines.


How can this vulnerability impact me?

This vulnerability can lead to heap corruption, which is a powerful primitive for attackers. Exploiting it could allow an attacker to execute arbitrary code, cause a denial of service, or compromise the integrity and availability of systems that use vulnerable versions of ImageMagick for image processing.


What immediate steps should I take to mitigate this vulnerability?

Update ImageMagick to version 6.9.13-28 or later, or 7.1.2-2 or later, as these versions contain the patch that fixes the 32-bit integer overflow vulnerability in the BMP encoder.

