MEDIUM 5.3 NuGet
ImageMagick: MSL image stack index may fail to refresh, leading to leaked images
GHSA-782x-jh29-9mf7 · CVE-2026-25988
Published · Modified
Description
Sometimes msl.c fails to update the stack index, so an image is stored in the wrong slot and never freed on error, causing leaks.
==841485==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 13512 byte(s) in 1 object(s) allocated from:
#0 0x7ff330759887 in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:145
References
- WEB https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-782x-jh29-9mf7
- ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2026-25988
- WEB https://github.com/ImageMagick/ImageMagick/commit/4354fc1d554ec2e6314aed13536efa7bde9593d2
- PACKAGE https://github.com/ImageMagick/ImageMagick
- WEB https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3
Ready to move
Start Securing
Free, no credit card | First findings in minutes