This update for ImageMagick fixes the following issues:
* CVE-2026-23874: manipulation of digital images can lead to stack overflow
(bsc#1256976).
* CVE-2026-23876: maliciously crafted image can lead to heap buffer overflow
(bsc#1256962).
* CVE-2026-23952: processing comment tag can cause null pointer dereference
(bsc#1257076).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-503=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-503=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-503=1
* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-503=1
* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-503=1
* SUSE Linux Enterprise Server 15 SP6 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-503=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch...
Read the Full Advisory* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* libMagickWand-7_Q16HDRI10-debuginfo-7.1.0.9-150400.6.64.1
* libMagickCore-7_Q16HDRI10-7.1.0.9-150400.6.64.1
* perl-PerlMagick-7.1.0.9-150400.6.64.1
* libMagick++-devel-7.1.0.9-150400.6.64.1
* ImageMagick-7.1.0.9-150400.6.64.1
* libMagickWand-7_Q16HDRI10-7.1.0.9-150400.6.64.1
* ImageMagick-devel-7.1.0.9-150400.6.64.1
* ImageMagick-debugsource-7.1.0.9-150400.6.64.1
* ImageMagick-config-7-SUSE-7.1.0.9-150400.6.64.1
* libMagickCore-7_Q16HDRI10-debuginfo-7.1.0.9-150400.6.64.1
* perl-PerlMagick-debuginfo-7.1.0.9-150400.6.64.1
* libMagick++-7_Q16HDRI5-7.1.0.9-150400.6.64.1
* ImageMagick-debuginfo-7.1.0.9-150400.6.64.1
* libMagick++-7_Q16HDRI5-debuginfo-7.1.0.9-150400.6.64.1
* ImageMagick-config-7-upstream-7.1.0.9-150400.6.64.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
x86_64)
* libMagickWand-7_Q16HDRI10-debuginfo-7.1.0.9-150400.6.64.1
* libMagickCore-7_Q16HDRI10-7.1.0.9-150400.6.64.1
*...
Read the Full Advisory* bsc#1256962
* bsc#1256976
* bsc#1257076
## References:
* https://www.suse.com/security/cve/CVE-2026-23874.html
* https://www.suse.com/security/cve/CVE-2026-23876.html
* https://www.suse.com/security/cve/CVE-2026-23952.html
* https://bugzilla.suse.com/show_bug.cgi?id=1256962
* https://bugzilla.suse.com/show_bug.cgi?id=1256976
* https://bugzilla.suse.com/show_bug.cgi?id=1257076
Get the latest Linux and open source security news straight to your inbox.