Alerts This Week
Warning Icon 1 1,149
Alerts This Week
Warning Icon 1 1,149

SUSE: ImageMagick Important Security Fix Advisory CVE-2025-55212

suse
Calendar Grey December 18, 2025
Dist Suse Esm H88
SUSE releases important security update for ImageMagick to fix six vulnerabilities, enhancing system integrity and safety.
An update that solves six vulnerabilities can now be installed.

Summary

## This update for ImageMagick fixes the following issues: * CVE-2025-62594: unsigned underflow and division-by-zero can lead to OOB pointer arithmetic and process crash (bsc#1252749). * CVE-2025-57807: BlobStream Forward-Seek Under-Allocation (bsc#1249362). * CVE-2025-62171: incomplete fix for integer overflow in BMP Decoder (bsc#1252282). * CVE-2025-55298: format string bug vulnerability can lead to heap overflow (bsc#1248780). * CVE-2025-57803: 32-bit integer overflow can lead to heap out-of-bounds (OOB) write (bsc#1248784). * CVE-2025-55212: division-by-zero in ThumbnailImage() when passing a geometry string containing only a colon to `montage -geometry` (bsc#1248767). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like

References

* bsc#1248767

* bsc#1248780

* bsc#1248784

* bsc#1249362

* bsc#1252282

* bsc#1252749

Cross-

* CVE-2025-55212

* CVE-2025-55298

* CVE-2025-57803

* CVE-2025-57807

* CVE-2025-62171

* CVE-2025-62594

CVSS scores:

* CVE-2025-55212 ( SUSE ): 5.7

CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

* CVE-2025-55212 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

* CVE-2025-55212 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

* CVE-2025-55212 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

* CVE-2025-55298 ( SUSE ): 9.0

CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

* CVE-2025-55298 ( SUSE ): 8.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

* CVE-2025-55298 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2025:21211-1
Release Date: 2025-12-15T09:55:25Z
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here