Release date:
2026-07-13 11:23:24 UTC
Description:
- CVE-2026-56361: out-of-bounds access in AcquireKernelBuiltIn()
(magick/morphology.c) from an off-by-one in the user-kernel origin bounds
check, which accepted xi/psi equal to the kernel width or height
- CVE-2026-56367: integer overflow of image->rows * psd_info->channels in the
PSD RLE reader (coders/psd.c ReadPSDMergedImage) leading to an undersized
allocation and heap out-of-bounds access on the 32-bit (i686) build
- CVE-2026-56368: memory leak of the acquired QuantumInfo in the raw-pixel
writers (coders/bgr.c, cmyk.c, gray.c, rgb.c, ycbcr.c) when OpenBlob() fails
and Write*Image returns early
- CVE-2026-56370: out-of-bounds write in ConnectedComponentsImage()
(magick/vision.c) where a user connected-components:keep/remove id indexes
the object array without a range check
- CVE-2026-56378: out-of-bounds write in the PCD Huffman decoder DecodeImage()
(coders/pcd.c) where crafted input advances the output pointer past the end
of the luma buffer
Updated packages:
-
ImageMagick-6.9.10.97-1.amzn2.0.30.tuxcare.els3.i686.rpm
sha:568654e12a260c1b2dc4a5ceb6851482a82b50843d7b87ca06af5ce5815e1b8d
-
ImageMagick-6.9.10.97-1.amzn2.0.30.tuxcare.els3.x86_64.rpm
sha:8142c1fc9d9bcd19db040d6b8016035f9c29ef46c8d37c5b12e5cfd9431e6469
-
ImageMagick-c++-6.9.10.97-1.amzn2.0.30.tuxcare.els3.i686.rpm
sha:db0d39b1f485ad5653f118c629d8b193abb647ec4efa140e20b37e693ec7a28b
-
ImageMagick-c++-6.9.10.97-1.amzn2.0.30.tuxcare.els3.x86_64.rpm
sha:1944a5bdbaf47f5e0b1283e7626181212f71f37dd48b2ed1ea6e94cc20bbc664
-
ImageMagick-c++-devel-6.9.10.97-1.amzn2.0.30.tuxcare.els3.x86_64.rpm
sha:212da28988a0d7403271196f66bebfc7da570810af16755127f7e24d973e4246
-
ImageMagick-devel-6.9.10.97-1.amzn2.0.30.tuxcare.els3.x86_64.rpm
sha:3af4c94b6d94544558f2c7a03cf0afd0da057a2d6c655e747ac317fcb415aa04
-
ImageMagick-doc-6.9.10.97-1.amzn2.0.30.tuxcare.els3.x86_64.rpm
sha:f37828f40ac1efa363dc608e8898d02fa4c83e492a7a04796f41b9c32f142e52
-
ImageMagick-perl-6.9.10.97-1.amzn2.0.30.tuxcare.els3.x86_64.rpm
sha:559da5e90023f178d70e95ab3cc5a950039b205fdcfed116c77b328b83e62e51
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.