PT-2022-6492 · Unknown+5 · Imagemagick+5

Tej Rathi

Published

2022-04-09

Updated

2024-06-15

CVE-2022-32547

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions ImageMagick (affected versions not specified)

Description The issue in ImageMagick is related to the load of misaligned addresses for types 'double' and 'float' at MagickCore/property.c, which can cause undefined behavior when processing crafted or untrusted input. This may lead to a negative impact on application availability. Additionally, the vulnerability can be exploited by a remote attacker to access confidential data, compromise its integrity, and cause a denial of service.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Incorrect Type Conversion or Cast

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-704

Related Identifiers

ALT-PU-2022-2736

ALT-PU-2022-2832

ALT-PU-2024-2243

BDU:2023-01724

CVE-2022-32547

DLA-3429-1

MGASA-2022-0446

OESA-2022-2109

OESA-2023-1009

OPENSUSE-SU-2022_2259-1

OPENSUSE-SU-2022_2301-1

OPENSUSE-SU-2024:13263-1

SUSE-SU-2022:2259-1

SUSE-SU-2022:2263-1

SUSE-SU-2022:2301-1

SUSE-SU-2023:4634-1

USN-5534-1

USN-5736-1

USN-5736-2

USN-6200-1

Affected Products

Alt Linux

Astra Linux

Imagemagick

Linuxmint

Suse

Ubuntu

PT-2022-6492 · Unknown+5 · Imagemagick+5

CVE-2022-32547

Weakness Enumeration

Related Identifiers

Affected Products

References · 136