Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 556
Alerts This Week
Warning Icon 1 556

SUSE 16.0 ImageMagick Notable DoS Security Flaw Alert SUSE-SA-2027-21466-5

suse
Calendar Grey February 3, 2026
Dist Suse Esm H88
SUSE releases important security update for ImageMagick addressing five issues, including potential DoS attacks.
An update that solves five vulnerabilities can now be installed.

Summary

## This update for ImageMagick fixes the following issues: * CVE-2025-65955: Fixed use-after-free/double-free in ImageMagick (bsc#1254435) * CVE-2025-66628: Fixed Integer Overflow leading to out of bounds read in ImageMagick (32-bit only) (bsc#1254820) * CVE-2025-68618: Fixed that reading a malicious SVG file may result in a DoS attack (bsc#1255821) * CVE-2025-68950: Fixed check for circular references in mvg files may lead to stack overflow (bsc#1255822) * CVE-2025-69204: Fixed an integer overflow can lead to a DoS attack (bsc#1255823) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0

References

* bsc#1254435

* bsc#1254820

* bsc#1255821

* bsc#1255822

* bsc#1255823

Cross-

* CVE-2025-65955

* CVE-2025-66628

* CVE-2025-68618

* CVE-2025-68950

* CVE-2025-69204

CVSS scores:

* CVE-2025-65955 ( SUSE ): 2.1

CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

* CVE-2025-65955 ( SUSE ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

* CVE-2025-65955 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

* CVE-2025-65955 ( NVD ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

* CVE-2025-66628 ( SUSE ): 8.2

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

* CVE-2025-66628 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

* CVE-2025-66628 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

* CVE-2025-68618 ( SUSE ): 5.1

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2026:20183-1
Release Date: 2026-01-28T08:27:48Z
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.