PT-2025-34795 · Unknown+6 · Imagemagick+6

Amethyst0225 +2 · Published 2025-08-26 · Updated 2025-12-15 · CVE-2025-55212

CVSS v2.0: 7.8 (High)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions: ImageMagick versions prior to 6.9.13-28; ImageMagick versions prior to 7.1.2-2.
Description: ImageMagick is free and open-source software used for editing and manipulating digital images. Passing a geometry string containing only a colon (":") to the montage function with the -geometry option leads GetGeometry() to set width/height to 0. Subsequently, ThumbnailImage() divides by these zero dimensions, triggering a crash (SIGFPE/abort), resulting in a denial of service.
Recommendations: Update ImageMagick to version 6.9.13-28 or later (6.x branch), or to version 7.1.2-2 or later (7.x branch).
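
To apply the recommendation across a fleet, the added example below (not part of the advisory or of ImageMagick) classifies the banner printed by `magick -version` or `convert -version` against the two fixed releases named above. The function names and the sample banners are constructed for illustration.

```python
import re

# Fixed releases as stated in the advisory, one per release branch.
FIXED_6 = (6, 9, 13, 28)
FIXED_7 = (7, 1, 2, 2)

# Upstream banners look like "Version: ImageMagick 7.1.1-43 Q16-HDRI ...".
_VERSION_RE = re.compile(r"ImageMagick\s+(\d+)\.(\d+)\.(\d+)-(\d+)")


def parse_version(banner):
    """Return (major, minor, micro, patch) parsed from a -version banner."""
    match = _VERSION_RE.search(banner)
    if match is None:
        raise ValueError("no ImageMagick version found in banner")
    return tuple(int(part) for part in match.groups())


def is_affected(banner):
    """True if the upstream version predates the fixed release of its branch."""
    version = parse_version(banner)
    # Anything older than the 7.x branch is compared against the 6.x fix.
    fixed = FIXED_7 if version[0] >= 7 else FIXED_6
    return version < fixed


# Constructed sample banners (not captured from real hosts).
SAMPLE_BANNERS = [
    "Version: ImageMagick 6.9.11-60 Q16 x86_64 2021-01-25 https://imagemagick.org",
    "Version: ImageMagick 6.9.13-28 Q16 x86_64 18000 https://legacy.imagemagick.org",
    "Version: ImageMagick 7.1.1-43 Q16-HDRI x86_64 22550 https://imagemagick.org",
    "Version: ImageMagick 7.1.2-2 Q16-HDRI x86_64 23000 https://imagemagick.org",
]

if __name__ == "__main__":
    for banner in SAMPLE_BANNERS:
        state = "AFFECTED" if is_affected(banner) else "fixed upstream"
        print(f"{parse_version(banner)} -> {state}")
```

Distribution packages often backport fixes without changing the upstream version string, so for Debian, Ubuntu, SUSE and similar builds confirm against the distribution advisory listed under Related Identifiers rather than this comparison.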

Exploit

Fix

DoS

Divide By Zero

Weakness Enumeration

Related Identifiers

ALT-PU-2025-10960
ALT-PU-2025-11045
BDU:2025-12589
CVE-2025-55212
DLA-4297-1
DSA-5997-1
GHSA-FH55-Q5PJ-PXGW
OESA-2025-2193
OESA-2025-2194
OESA-2025-2196
OESA-2025-2197
OESA-2025-2247
OPENSUSE-SU-2025:15498-1
OPENSUSE-SU-2025:20162-1
SUSE-SU-2025:03113-1
SUSE-SU-2025:03150-1
SUSE-SU-2025:03151-1
SUSE-SU-2025:03152-1
SUSE-SU-2025:03164-1
SUSE-SU-2025:21211-1
SUSE-SU-2025_03113-1
SUSE-SU-2025_03150-1
SUSE-SU-2025_03151-1
SUSE-SU-2025_03152-1
SUSE-SU-2025_03164-1
USN-7756-1

Affected Products

ALT Linux
Debian
ImageMagick
Linux Mint
RED OS
SUSE
Ubuntu