CVE-2025-69204

unknown

Published — · Modified —

💬 Discuss on Community ✚ Propose mitigation

CVSS v3

—

CVSS v4 NEW

—

not yet in upstream

VIR risk

—

Description

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, in the WriteSVGImage function, using an int variable to store number_attributes caused an integer overflow. This, in turn, triggered a buffer overflow and caused a DoS attack. Version 7.1.2-12 fixes the issue.

Predictions

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

community-verified Authored 2026-05-29

{

Immediate action: upgrade to ImageMagick 7.1.2-12.

Interim mitigation if upgrade is delayed:

1. Edit /etc/ImageMagick-7/policy.xml (or ~/.config/ImageMagick/policy.xml):

<policymap>
  <policy domain="resource" name="list-length" value="4096"/>
  <policy domain="coder" rights="none" pattern="SVG" />
</policymap>

2. Restart services that fork ImageMagick (e.g., systemctl restart php-fpm).

3. Test rendering: convert test.svg output.png should reject oversized attribute lists.

Rollback: remove or comment the policy stanza, restart services.

Note: disabling SVG entirely (line 3) is safest if SVG write is non-essential.

}

OS impact

SUSE Affected 1 release

Version	Status	Fixed in
—	Affected	—

Debian Fixed 5 releases

Version	Status	Fixed in
trixie	Fixed	`8:7.1.1.43+dfsg1-1+deb13u4`
sid	Fixed	`8:7.1.2.12+dfsg1-1`
forky	Fixed	`8:7.1.2.12+dfsg1-1`
bullseye	Fixed	`8:6.9.11.60+dfsg-1.3+deb11u8`
bookworm	Fixed	`8:6.9.11.60+dfsg-1.6+deb12u5`

References

Community-verified mitigations for this CVE will appear above when contributors publish them.

Verify integrity in audit chain (admin only). AS-IS.