Alerts This Week
Warning Icon 1 1,154
Alerts This Week
Warning Icon 1 1,154

Mageia 9: 2025-0148 Critical Fix for GraphicsMagick Buffer Issue

mageia
Calendar Grey May 5, 2025
Dist Mageia Esm H88
GraphicsMagick is experiencing a buffer over-read vulnerability in Mageia for version 9; a patch has been released to address this problem.
GraphicsMagick before 8e56520 has a heap-based buffer over-read in ReadJXLImage in coders/jxl.c, related to an ImportViewPixelArea call

Summary

GraphicsMagick before 8e56520 has a heap-based buffer over-read in ReadJXLImage in coders/jxl.c, related to an ImportViewPixelArea call. (CVE-2025-32460)

References

- https://bugs.mageia.org/show_bug.cgi?id=34218

-

- https://lists.debian.org/debian-security-announce/2025/msg00067.html

- https://lists.suse.com/pipermail/sle-updates/2025-April/039065.html

- https://www.cve.org/CVERecord?id=CVE-2025-32460

Resolution

SRPMS

- 9/core/graphicsmagick-1.3.40-1.2.mga9

- 9/tainted/graphicsmagick-1.3.40-1.2.mga9.tainted

Severity
critical
Lowest
Low
Medium
High
Critical

Publication date: 05 May 2025
URL: https://advisories.mageia.org/MGASA-2025-0148.html
Type: security
CVE: CVE-2025-32460

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here