Alerts This Week
Warning Icon 1 1,146
Alerts This Week
Warning Icon 1 1,146

SUSE ImageMagick Important 23 Vulnerabilities Fixed Advisory 2026-1202-1

suse
Calendar Grey April 7, 2026
Dist Suse Esm H88
Critical update for ImageMagick on SUSE fixing 23 important vulnerabilities affecting software functionality.
An update that solves 23 vulnerabilities can now be installed.

Summary

## This update for ImageMagick fixes the following issues: * CVE-2026-24484: denial of service vulnerability via multi-layer nested MVG to SVG conversion (bsc#1258790). * CVE-2026-28493: integer overflow in the SIXEL decoder leads to out-of-bounds write (bsc#1259446). * CVE-2026-28494: missing bounds checks in the morphology kernel parsing functions can lead to a stack buffer overflow (bsc#1259447). * CVE-2026-28686: undersized output buffer allocation in the PCL encoder can lead to a heap buffer overflow (bsc#1259448). * CVE-2026-28687: heap use-after-free vulnerability in the MSL decoder via a crafted MSL file (bsc#1259450). * CVE-2026-28688: heap use-after-free in the MSL encoder when a cloned image is destroyed twice (bsc#1259451).

References

* bsc#1258790

* bsc#1259446

* bsc#1259447

* bsc#1259448

* bsc#1259450

* bsc#1259451

* bsc#1259452

* bsc#1259455

* bsc#1259456

* bsc#1259457

* bsc#1259463

* bsc#1259464

* bsc#1259466

* bsc#1259467

* bsc#1259468

* bsc#1259469

* bsc#1259497

* bsc#1259528

* bsc#1259612

* bsc#1259872

* bsc#1260874

* bsc#1260879

Cross-

* CVE-2026-24484

* CVE-2026-25971

* CVE-2026-28493

* CVE-2026-28494

* CVE-2026-28686

* CVE-2026-28687

* CVE-2026-28688

* CVE-2026-28689

* CVE-2026-28690

* CVE-2026-28691

* CVE-2026-28692

* CVE-2026-28693

* CVE-2026-30883

* CVE-2026-30929

* CVE-2026-30931

* CVE-2026-30935

* CVE-2026-30936

* CVE-2026-30937

* CVE-2026-31853

* CVE-2026-32259

* CVE-2026-32636

* CVE-2026-33535

* CVE-2026-33536

CVSS scores:

* CVE-2026-24484 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2026:1202-1
Release Date: 2026-04-07T12:24:46Z
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here