CVE-2025-69204
Description
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, in the WriteSVGImage function, using an int variable to store number_attributes caused an integer overflow. This, in turn, triggered a buffer overflow and caused a DoS attack. Version 7.1.2-12 fixes the issue.
Predictions
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Immediate action: upgrade to ImageMagick 7.1.2-12.
Interim mitigation if upgrade is delayed:
1. Edit /etc/ImageMagick-7/policy.xml (or ~/.config/ImageMagick/policy.xml):
<policymap>
<policy domain="resource" name="list-length" value="4096"/>
<policy domain="coder" rights="none" pattern="SVG" />
</policymap>2. Restart services that fork ImageMagick (e.g., systemctl restart php-fpm).
3. Test rendering: convert test.svg output.png should reject oversized attribute lists.
Rollback: remove or comment the policy stanza, restart services.
Note: disabling SVG entirely (line 3) is safest if SVG write is non-essential.
}OS impact
| OS | Version | Status | Fixed in |
|---|---|---|---|
| debian | bookworm | fixed | 8:6.9.11.60+dfsg-1.6+deb12u5 |
| debian | bullseye | fixed | 8:6.9.11.60+dfsg-1.3+deb11u8 |
| debian | forky | fixed | 8:7.1.2.12+dfsg1-1 |
| debian | sid | fixed | 8:7.1.2.12+dfsg1-1 |
| debian | trixie | fixed | 8:7.1.1.43+dfsg1-1+deb13u4 |
| sles | affected | |
References
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.