CVE-2026-25969
Memory Leak in ImageMagick ashlar.c Causes Resource Exhaustion
Publication date: 2026-02-24
Last updated on: 2026-02-25
Assigner: GitHub, Inc.
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| imagemagick | imagemagick | before 7.1.2-15 (upper bound exclusive; 7.1.2-15 is the fixed release) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-401 | The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-25969 is a memory leak (CWE-401) of moderate severity in ImageMagick, specifically in the WriteASHLARImage function in coders/ashlar.c, the writer for the ASHLAR output format. The function allocates memory for a structure and does not free it on an error path. ImageMagick is C code, so "an exception is thrown" here means that an error is recorded in the ExceptionInfo structure and the function returns early; nothing unwinds the allocation. Each time the writer fails after that allocation, the block stays allocated for the life of the process.
This vulnerability affects ImageMagick versions before 7.1.2-15 and is fixed in 7.1.2-15.
How can this vulnerability impact me? :
This vulnerability allows an attacker to cause a memory leak remotely, without privileges or user interaction, wherever a network-facing service passes untrusted input through a vulnerable ImageMagick and can be made to write ASHLAR output. The leak can lead to resource exhaustion on the affected system, reducing its availability.
It does not affect confidentiality or integrity, and the availability impact is rated low. In practice the leaked memory is bounded per failed write and is returned to the operating system when the process exits, so a one-shot command-line conversion is not at risk. The exposure is in long-lived processes (web workers, conversion daemons, code using the MagickWand, Imagick or Wand bindings) that can be driven through the failing path repeatedly until they run out of memory or hit a resource limit.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
No mapping to specific standards is provided on this page.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability is a memory leak in the WriteASHLARImage function of ImageMagick before 7.1.2-15. There is no network signature to look for; detection comes down to knowing which version is installed and, for long-lived processes, watching their memory.
- Check the installed version: `magick -version` prints a line such as `Version: ImageMagick 7.1.2-15 ...`; any 7.x build before 7.1.2-15 is in the affected range. The release number after the hyphen compares numerically (7.1.2-9 is older than 7.1.2-15), so do not compare version strings lexically. For distribution packages (`dpkg -l imagemagick`, `rpm -q ImageMagick`), read the package changelog: vendors backport fixes without bumping the upstream version.
- Confirm the leak under Valgrind by actually driving the ASHLAR writer, which a plain `convert input.png output.png` never does: `valgrind --leak-check=full magick input.png ashlar:output.png`. The allocation is only left behind on the writer's error path, so a conversion that succeeds shows nothing; the leak is reported (as a "definitely lost" block whose stack, given debug symbols, passes through WriteASHLARImage) only when the write fails after the allocation.
- For long-lived processes that embed ImageMagick (MagickWand, PHP Imagick, Python Wand, conversion services), trend resident memory over time. A one-shot `magick` run frees everything on exit and cannot accumulate.
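The version check above, written out as a small script. This is an added example for this page, not ImageMagick project code: it parses the `Version:` line that `magick -version` prints, compares the four numeric components so that 7.1.2-9 correctly sorts before 7.1.2-15, and runs the real binary only if it is on PATH. The SAMPLE_* banners are constructed to resemble that output and are not captured from a real machine.

```python
"""Version check for CVE-2026-25969 (memory leak in ImageMagick's
WriteASHLARImage, fixed in 7.1.2-15).

Added example for this page, not ImageMagick project code. The SAMPLE_*
banners below are constructed to resemble `magick -version` output; the
parsing and numeric comparison are the point.
"""
import re
import shutil
import subprocess
from typing import Optional, Tuple

FIXED_VERSION = "7.1.2-15"  # first fixed release named on this page

# ImageMagick prints e.g. "Version: ImageMagick 7.1.1-43 Q16-HDRI x86_64 ..."
_BANNER_RE = re.compile(r"Version:\s+ImageMagick\s+(\d+)\.(\d+)\.(\d+)-(\d+)")

Version = Tuple[int, int, int, int]


def parse_tag(tag: str) -> Version:
    """Turn '7.1.2-15' into (7, 1, 2, 15).

    The part after the hyphen is a numeric release counter and must be
    compared as an integer: 7.1.2-9 is OLDER than 7.1.2-15, which a plain
    string comparison gets wrong.
    """
    major, minor, rest = tag.split(".", 2)
    patch, release = rest.split("-", 1)
    return (int(major), int(minor), int(patch), int(release))


def parse_banner(banner: str) -> Optional[Version]:
    """Extract the version tuple from `magick -version` output, or None."""
    m = _BANNER_RE.search(banner)
    if m is None:
        return None
    return (int(m.group(1)), int(m.group(2)), int(m.group(3)), int(m.group(4)))


def is_vulnerable(banner: str) -> Optional[bool]:
    """True if the banner shows a 7.x build older than 7.1.2-15.

    Returns None when no version can be parsed or the major version is not 7:
    the page's affected range is simply "before 7.1.2-15" and says nothing
    about the legacy 6.x branch, so this check does not guess about it.
    """
    v = parse_banner(banner)
    if v is None or v[0] != 7:
        return None
    return v < parse_tag(FIXED_VERSION)


def check_local_install() -> Optional[bool]:
    """Run the real `magick -version` if the binary is on PATH, else None."""
    exe = shutil.which("magick")
    if exe is None:
        return None
    out = subprocess.run([exe, "-version"], capture_output=True, text=True).stdout
    return is_vulnerable(out)


# Constructed sample banners (not real machine output).
SAMPLE_OLD = "Version: ImageMagick 7.1.1-43 Q16-HDRI x86_64 https://imagemagick.org\n"
SAMPLE_FIXED = "Version: ImageMagick 7.1.2-15 Q16-HDRI x86_64 https://imagemagick.org\n"
SAMPLE_TRICKY = "Version: ImageMagick 7.1.2-9 Q16 x86_64\n"  # string-compares as newer than -15

if __name__ == "__main__":
    for name, banner in (("old", SAMPLE_OLD), ("fixed", SAMPLE_FIXED), ("7.1.2-9", SAMPLE_TRICKY)):
        print(f"{name}: vulnerable={is_vulnerable(banner)}")
    print("local install:", check_local_install())
```

The result is a heuristic, not proof: a distribution package reporting 7.1.1-x may carry the backported fix, and a build reporting a fixed version may have been patched out of a vendor tree. Treat a `True` as "investigate", and pair it with the package changelog.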
What immediate steps should I take to mitigate this vulnerability?
The primary mitigation is to upgrade ImageMagick to 7.1.2-15 or later, where the writer's error path releases the allocation. If ImageMagick comes from a distribution package, check the package changelog rather than the version string, since distributions often backport fixes without renumbering.
Until the upgrade is applied, remove the reachable path rather than only limiting network access. The leak sits in the ASHLAR writer, so it can only be triggered when ImageMagick is asked to produce ASHLAR output: do not let untrusted callers choose the output format, and disable the coder in policy.xml with `<policy domain="coder" rights="none" pattern="ASHLAR"/>`, then confirm with `magick -list policy`. A resource policy (`<policy domain="resource" name="memory" value="..."/>`, or `-limit memory` on the command line) caps what any one process can consume, whatever the cause.
Monitor the resident memory of long-lived processes that host ImageMagick (web workers using the MagickWand or Imagick bindings, conversion daemons). One-shot `magick` invocations return all memory to the operating system on exit, so the leak only matters where the process lives on and repeatedly hits the failing path.
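The policy.xml hardening above, as an added example that is not ImageMagick project code. The policy mechanism itself is real (ImageMagick reads policy.xml from its configuration directory and `magick -list policy` shows what is active); WEAK_POLICY is a constructed minimal file, the brace-list pattern form (`{PS,PDF,ASHLAR}`) is the one stock distribution policies use, and the 256MiB ceiling is an illustrative value, not a recommendation. The checker reports whether the ASHLAR coder is already banned and adds the two rules when they are missing.

```python
"""Check and harden an ImageMagick policy.xml against CVE-2026-25969.

Added example for this page, not ImageMagick project code. WEAK_POLICY is
constructed; the memory value is illustrative.
"""
import xml.etree.ElementTree as ET
from typing import Optional

# Constructed minimal policy: no coder restriction, no resource limits.
WEAK_POLICY = """<policymap>
  <policy domain="path" rights="none" pattern="@*"/>
</policymap>
"""


def _pattern_matches(pattern: str, coder: str) -> bool:
    """Does a policy pattern such as 'ASHLAR', '*' or '{PS,PDF,ASHLAR}' cover coder?

    ImageMagick matches coder names case-insensitively. This helper handles the
    plain name, the brace-list form used in stock policy files, and '*'; other
    glob forms are not modelled here.
    """
    coder = coder.strip().upper()
    pattern = pattern.strip().upper()
    if pattern == "*":
        return True
    if pattern.startswith("{") and pattern.endswith("}"):
        return coder in {p.strip() for p in pattern[1:-1].split(",")}
    return pattern == coder


def coder_disabled(policy_xml: str, coder: str) -> bool:
    """True if a <policy domain="coder" rights="none"> rule covers coder.

    `rights` lists what is allowed, so only rights="none" is treated as a full
    ban here; rights="read" would also stop the writer but is deliberately not
    counted, so the check stays conservative.
    """
    root = ET.fromstring(policy_xml)
    for rule in root.iter("policy"):
        if (rule.get("domain", "").lower() == "coder"
                and rule.get("rights", "").lower() == "none"
                and _pattern_matches(rule.get("pattern", ""), coder)):
            return True
    return False


def memory_limit(policy_xml: str) -> Optional[str]:
    """Return the value of the resource/memory policy, if one is set."""
    root = ET.fromstring(policy_xml)
    for rule in root.iter("policy"):
        if rule.get("domain") == "resource" and rule.get("name") == "memory":
            return rule.get("value")
    return None


def harden_policy(policy_xml: str, memory: str = "256MiB") -> str:
    """Add an ASHLAR coder ban and a memory ceiling if they are missing.

    Disabling the coder removes the leaking write path entirely; the memory
    limit caps what a long-lived process can consume before ImageMagick starts
    refusing allocations, whatever the cause of the growth.
    """
    root = ET.fromstring(policy_xml)
    if not coder_disabled(policy_xml, "ASHLAR"):
        ET.SubElement(root, "policy", domain="coder", rights="none", pattern="ASHLAR")
    if memory_limit(policy_xml) is None:
        ET.SubElement(root, "policy", domain="resource", name="memory", value=memory)
    return ET.tostring(root, encoding="unicode")


if __name__ == "__main__":
    print("ASHLAR banned in weak policy:", coder_disabled(WEAK_POLICY, "ASHLAR"))
    hardened = harden_policy(WEAK_POLICY)
    print(hardened)
    print("ASHLAR banned after hardening:", coder_disabled(hardened, "ASHLAR"))
```

Real policy files begin with a DOCTYPE declaration and carry comments; ElementTree parses those, but the serialized output drops the comments, so in practice apply the two rules to the existing file by hand and use this only to verify the result. Test the effect with `magick input.png ashlar:out.png`, which should be refused by the policy.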