SB2026040101 - Ubuntu update for imagemagick

Description

This security bulletin contains information about 10 secuirty vulnerabilities.

1) NULL pointer dereference (CVE-ID: CVE-2026-23952)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in MSL parser within "comment" tag before image load. A remote user can pass specially crafted data to the application and perform a denial of service (DoS) attack.

2) NULL pointer dereference (CVE-ID: CVE-2026-25795)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the "ReadSFWImage()" function. A remote attacker can pass specially crafted data to the application and perform a denial of service (DoS) attack.

3) Memory leak (CVE-ID: CVE-2026-25796)

The vulnerability allows a remote attacker to perform DoS attack on the target system.

The vulnerability exists due memory leak in the "ReadSTEGANOImage()" function on multiple error/early-return paths. A remote attacker can force the application to leak memory and perform denial of service attack.

4) NULL pointer dereference (CVE-ID: CVE-2026-25798)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in ClonePixelCacheRepository. A remote attacker can pass specially crafted data to the application and perform a denial of service (DoS) attack.

5) Division by zero (CVE-ID: CVE-2026-25799)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to the divide-by-zero issue in YUV sampling factor validation. A remote attacker can cause a denial of service condition on the target system.

6) Integer overflow (CVE-ID: CVE-2026-25970)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to integer overflow in SIXEL decoder. A remote attacker can pass specially crafted data to the application, trigger integer overflow and cause a denial of service condition on the target system.

7) Memory leak (CVE-ID: CVE-2026-25988)

The vulnerability allows a remote attacker to perform DoS attack on the target system.

The vulnerability exists due memory leak in msl.c. A remote attacker can force the application to leak memory and perform denial of service attack.

8) Resource exhaustion (CVE-ID: CVE-2026-26066)

The vulnerability allows a local attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources when writing IPTCTEXT. A local attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.

9) Heap-based buffer overflow (CVE-ID: CVE-2026-30883)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error when writing extremely large image profile in the PNG encoder. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and cause a denial of service condition on the target system.

10) Heap-based buffer overflow (CVE-ID: CVE-2026-32636)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error in the NewXMLTree method. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and cause a denial of service condition on the target system.

Remediation

Install update from vendor's website.

References

• https://ubuntu.com/security/notices/USN-8127-1