USN-8069-1: ImageMagick vulnerabilities

USN-8069-1: ImageMagick vulnerabilities
Publication date

4 March 2026

Overview

Several security issues were fixed in ImageMagick.

Packages
imagemagick - Image manipulation programs and library
Details

It was discovered that ImageMagick did not properly decode certain SUN
image files. An attacker could use this issue to cause ImageMagick to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2026-25897)

It was discovered that ImageMagick did not properly validate pixel index
values when writing UIL and XPM image files. An attacker could use this issue
to cause ImageMagick to crash, resulting in a denial of service, or possibly
obtain sensitive information. (CVE-2026-25898)

It was discovered that ImageMagick’s MSL decoder did not properly handle
certain attribute values. An attacker could use this issue to cause ImageMagick
to crash, resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2026-25968)

It was discovered that ImageMagick’s MSL decoder did not properly handle memory
when processing certain script elements. An attacker could use this issue to
cause ImageMagick to crash, resulting in a denial of service, or possibly
execute arbitrary code. (CVE-2026-25983)

It was discovered that ImageMagick did not properly handle certain YUV image
files. An attacker could use this issue to cause ImageMagick to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2026-25986)

It was discovered that ImageMagick did not properly handle certain MAP image
files. An attacker could use this issue to cause ImageMagick to crash,
resulting in a denial of service, or possibly obtain sensitive information.
(CVE-2026-25987)

It was discovered that ImageMagick’s PCD decoder did not properly process
Huffman-coded data. An attacker could use this issue to cause ImageMagick to
crash, resulting in a denial of service, or possibly obtain sensitive
information. (CVE-2026-26284)

Update instructions
The problem can be corrected by updating your system to the following package versions:

24.04 LTS noble

• imagemagick-6.q16 – 8:6.9.12.98+dfsg1-5.2ubuntu0.1~esm7
• imagemagick-6.q16hdri – 8:6.9.12.98+dfsg1-5.2ubuntu0.1~esm7
• libimage-magick-q16-perl – 8:6.9.12.98+dfsg1-5.2ubuntu0.1~esm7
• libimage-magick-q16hdri-perl – 8:6.9.12.98+dfsg1-5.2ubuntu0.1~esm7
• libmagick++-6.q16-9t64 – 8:6.9.12.98+dfsg1-5.2ubuntu0.1~esm7
• libmagick++-6.q16hdri-9t64 – 8:6.9.12.98+dfsg1-5.2ubuntu0.1~esm7
• libmagickcore-6.q16-7-extra – 8:6.9.12.98+dfsg1-5.2ubuntu0.1~esm7
• libmagickcore-6.q16-7t64 – 8:6.9.12.98+dfsg1-5.2ubuntu0.1~esm7
• libmagickcore-6.q16hdri-7-extra – 8:6.9.12.98+dfsg1-5.2ubuntu0.1~esm7
• libmagickcore-6.q16hdri-7t64 – 8:6.9.12.98+dfsg1-5.2ubuntu0.1~esm7
• libmagickwand-6.q16-7t64 – 8:6.9.12.98+dfsg1-5.2ubuntu0.1~esm7
• libmagickwand-6.q16hdri-7t64 – 8:6.9.12.98+dfsg1-5.2ubuntu0.1~esm7

22.04 LTS jammy

• imagemagick-6.q16 – 8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5+esm8
• imagemagick-6.q16hdri – 8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5+esm8
• libimage-magick-q16-perl – 8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5+esm8
• libimage-magick-q16hdri-perl – 8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5+esm8
• libmagick++-6.q16-8 – 8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5+esm8
• libmagick++-6.q16hdri-8 – 8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5+esm8
• libmagickcore-6.q16-6 – 8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5+esm8
• libmagickcore-6.q16-6-extra – 8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5+esm8
• libmagickcore-6.q16hdri-6 – 8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5+esm8
• libmagickcore-6.q16hdri-6-extra – 8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5+esm8
• libmagickwand-6.q16-6 – 8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5+esm8
• libmagickwand-6.q16hdri-6 – 8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5+esm8

20.04 LTS focal

• libimage-magick-q16-perl – 8:6.9.10.23+dfsg-2.1ubuntu11.11+esm8
• libimage-magick-q16hdri-perl – 8:6.9.10.23+dfsg-2.1ubuntu11.11+esm8
• libmagickcore-6.q16-6 – 8:6.9.10.23+dfsg-2.1ubuntu11.11+esm8
• libmagickcore-6.q16-6-extra – 8:6.9.10.23+dfsg-2.1ubuntu11.11+esm8
• libmagickcore-6.q16hdri-6 – 8:6.9.10.23+dfsg-2.1ubuntu11.11+esm8
• libmagickcore-6.q16hdri-6-extra – 8:6.9.10.23+dfsg-2.1ubuntu11.11+esm8

18.04 LTS bionic

• imagemagick-6.q16 – 8:6.9.7.4+dfsg-16ubuntu6.15+esm10
• imagemagick-6.q16hdri – 8:6.9.7.4+dfsg-16ubuntu6.15+esm10
• libimage-magick-q16-perl – 8:6.9.7.4+dfsg-16ubuntu6.15+esm10
• libimage-magick-q16hdri-perl – 8:6.9.7.4+dfsg-16ubuntu6.15+esm10
• libmagick++-6.q16-7 – 8:6.9.7.4+dfsg-16ubuntu6.15+esm10
• libmagick++-6.q16hdri-7 – 8:6.9.7.4+dfsg-16ubuntu6.15+esm10
• libmagickcore-6.q16-3 – 8:6.9.7.4+dfsg-16ubuntu6.15+esm10
• libmagickcore-6.q16-3-extra – 8:6.9.7.4+dfsg-16ubuntu6.15+esm10
• libmagickcore-6.q16hdri-3 – 8:6.9.7.4+dfsg-16ubuntu6.15+esm10
• libmagickcore-6.q16hdri-3-extra – 8:6.9.7.4+dfsg-16ubuntu6.15+esm10
• libmagickwand-6.q16-3 – 8:6.9.7.4+dfsg-16ubuntu6.15+esm10
• libmagickwand-6.q16hdri-3 – 8:6.9.7.4+dfsg-16ubuntu6.15+esm10

16.04 LTS xenial

• imagemagick-6.q16 – 8:6.8.9.9-7ubuntu5.16+esm18
• libimage-magick-q16-perl – 8:6.8.9.9-7ubuntu5.16+esm18
• libmagick++-6.q16-5v5 – 8:6.8.9.9-7ubuntu5.16+esm18
• libmagickcore-6.q16-2 – 8:6.8.9.9-7ubuntu5.16+esm18
• libmagickcore-6.q16-2-extra – 8:6.8.9.9-7ubuntu5.16+esm18
• libmagickwand-6.q16-2 – 8:6.8.9.9-7ubuntu5.16+esm18

14.04 LTS trusty

• imagemagick – 8:6.7.7.10-6ubuntu3.13+esm19
• imagemagick-common – 8:6.7.7.10-6ubuntu3.13+esm19
• libmagick++5 – 8:6.7.7.10-6ubuntu3.13+esm19
• libmagickcore5 – 8:6.7.7.10-6ubuntu3.13+esm19
• libmagickcore5-extra – 8:6.7.7.10-6ubuntu3.13+esm19
• libmagickwand5 – 8:6.7.7.10-6ubuntu3.13+esm19
• perlmagick – 8:6.7.7.10-6ubuntu3.13+esm19