CVE-2026-22770
BaseFortify
Publication date: 2026-01-20
Last updated on: 2026-01-29
Assigner: GitHub, Inc.
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| imagemagick | imagemagick | < 7.1.2-13 (all versions before 7.1.2-13, excluding 7.1.2-13 itself) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-763 | The product attempts to return a memory resource to the system, but it calls the wrong release function or calls the appropriate release function incorrectly. |
Attack-Flow Graph
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The vulnerability does not impact confidentiality but results in low integrity and high availability impacts. Since it does not affect confidentiality of data, it is unlikely to directly affect compliance with standards like GDPR or HIPAA that focus on data privacy and protection. However, the high availability impact could affect service reliability, which might indirectly influence compliance depending on the regulatory requirements for system uptime and data availability. [2]
Can you explain this vulnerability to me?
This vulnerability in ImageMagick occurs in the BilateralBlurImage method, specifically in the AcquireBilateralTLS function. The function allocates a set of double buffers, but in versions prior to 7.1.2-13 the last element of this buffer set is not initialized. If one of the allocations fails, the cleanup path in DestroyBilateralTLS releases every slot of the set, including the uninitialized one, so it passes an invalid pointer to the release function (CWE-763), leading to memory corruption or a crash. The fix initializes every slot of the set before any allocation can fail and adds checks that reject unsafe allocation sizes. [1, 2]
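The allocate-then-clean-up pattern described above, as an added illustration that is not ImageMagick's code: the unsafe variant leaves the slot array uninitialized and releases every slot when one allocation fails, while the hardened variant zero-initializes the slots, checks the size arithmetic for overflow, and releases only what was actually acquired. The allocator shim, the function names and the buffer sizes are constructed for this example; the shim makes a chosen allocation return NULL so the failure path can be exercised deterministically.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed allocator shim (not ImageMagick code): the call numbered
 * fail_on_call returns NULL so an allocation failure can be reproduced on
 * demand, and live_blocks lets a caller verify that cleanup released every
 * block that was acquired. */
static int alloc_calls = 0;
static int fail_on_call = -1;   /* -1 means never fail */
static int live_blocks = 0;

static void *shim_malloc(size_t size)
{
    if (alloc_calls++ == fail_on_call)
        return NULL;
    void *p = malloc(size);
    if (p != NULL)
        live_blocks++;
    return p;
}

static void shim_free(void *p)
{
    if (p != NULL) {
        live_blocks--;
        free(p);
    }
}

static void set_alloc_failure(int call_index)
{
    alloc_calls = 0;
    fail_on_call = call_index;
}

/* Vulnerable pattern (CWE-763), shown for contrast and never called: the slot
 * array is not initialized, and the failure path releases all `count` slots,
 * so the slots after the one that failed are freed as garbage pointers. */
double **acquire_buffers_unsafe(size_t count, size_t len)
{
    double **bufs = shim_malloc(count * sizeof(*bufs));
    if (bufs == NULL)
        return NULL;
    for (size_t i = 0; i < count; i++) {
        bufs[i] = shim_malloc(len * sizeof(double));
        if (bufs[i] == NULL) {
            for (size_t j = 0; j < count; j++)  /* bufs[i+1 .. count-1] are garbage */
                shim_free(bufs[j]);
            shim_free(bufs);
            return NULL;
        }
    }
    return bufs;
}

/* Hardened form: the destroy routine tolerates NULL slots, so it is safe to
 * call on a partially populated set. */
void destroy_buffers(double **bufs, size_t count)
{
    if (bufs == NULL)
        return;
    for (size_t i = 0; i < count; i++)
        shim_free(bufs[i]);             /* NULL slots are skipped */
    shim_free(bufs);
}

double **acquire_buffers(size_t count, size_t len)
{
    /* Reject zero sizes and multiplication overflow before allocating. */
    if (count == 0 || len == 0 || count > SIZE_MAX / sizeof(double *) ||
        len > SIZE_MAX / sizeof(double))
        return NULL;
    double **bufs = shim_malloc(count * sizeof(*bufs));
    if (bufs == NULL)
        return NULL;
    memset(bufs, 0, count * sizeof(*bufs));  /* every slot starts as NULL */
    for (size_t i = 0; i < count; i++) {
        bufs[i] = shim_malloc(len * sizeof(double));
        if (bufs[i] == NULL) {
            destroy_buffers(bufs, count);    /* releases only real pointers */
            return NULL;
        }
    }
    return bufs;
}

/* Force the allocation of slot `fail_slot` (0-based) to fail. Returns 1 when
 * acquisition fails cleanly and nothing is leaked. */
int check_partial_failure(int fail_slot)
{
    set_alloc_failure(fail_slot + 1);   /* call 0 is the slot array itself */
    double **bufs = acquire_buffers(4, 16);
    set_alloc_failure(-1);
    return bufs == NULL && live_blocks == 0;
}

/* Returns 1 when a full acquisition succeeds and destroy releases all of it. */
int check_success(void)
{
    set_alloc_failure(-1);
    double **bufs = acquire_buffers(4, 16);
    if (bufs == NULL)
        return 0;
    bufs[3][15] = 1.0;                  /* the last buffer is fully usable */
    destroy_buffers(bufs, 4);
    return live_blocks == 0;
}

int main(void)
{
    printf("failure at last slot handled cleanly: %d\n", check_partial_failure(3));
    printf("full acquisition and release: %d\n", check_success());
    return 0;
}
```

The two properties worth carrying into a code review of any similar allocator are visible in `acquire_buffers`: the slot array is zeroed before the first allocation that can fail, and the single release routine is the only cleanup path, so there is no second copy of the loop that could drift out of sync with it.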
How can this vulnerability impact me?
This vulnerability can impact you by causing the ImageMagick software to crash or behave unpredictably due to the release of invalid memory pointers. It has a high impact on availability, meaning it can lead to denial of service conditions. The vulnerability does not affect confidentiality but has a low impact on integrity. An attacker could exploit this remotely without privileges or user interaction, but the attack complexity is high. [2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection can be performed by identifying the version of ImageMagick installed on your system. Since the vulnerability affects versions prior to 7.1.2-13, you can check the installed version using the command `magick -version` or `convert -version`. If the version is older than 7.1.2-13, the system is vulnerable. Additionally, monitoring logs for crashes or abnormal terminations related to image processing tasks involving BilateralBlurImage may indicate exploitation attempts. There are no specific network detection commands provided in the resources. [2]
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to upgrade ImageMagick to version 7.1.2-13 or later, where the vulnerability has been patched. This update includes fixes such as proper initialization of buffers, heap overflow checks, and improved error handling to prevent invalid pointer releases. If upgrading is not immediately possible, consider restricting access to services that use ImageMagick to trusted users only and monitor for suspicious activity related to image processing. [1, 2]