[CLSA-2026:1773999754] Fix CVE(s): CVE-2026-25898
Type:
security
Severity:
Critical
Release date:
2026-03-20 09:42:37 UTC
Description:
* SECURITY UPDATE: global buffer overflow read via negative pixel index in UIL and XPM image encoders - debian/patches/CVE-2026-25898.patch: clamp negative pixel index values to zero in WriteUILImage, WritePICONImage, and WriteXPMImage before using them as array subscripts into the Cixel table. - CVE-2026-25898
Updated packages:
  • imagemagick_6.8.9.9-7ubuntu5.17+tuxcare.els38_amd64.deb
    sha:6b6d11b50a1a3cb2c2d323fef6887cf231e20301
  • imagemagick-6.q16_6.8.9.9-7ubuntu5.17+tuxcare.els38_amd64.deb
    sha:2dcf55978231e207d433460cacdd95c2f2905a87
  • imagemagick-common_6.8.9.9-7ubuntu5.17+tuxcare.els38_all.deb
    sha:1ea2a569f8957478581729f361a72a74bee4ef3b
  • imagemagick-doc_6.8.9.9-7ubuntu5.17+tuxcare.els38_all.deb
    sha:a3a2a50562d8a12ebe4b7a2a67cdda17e1a7a016
  • libimage-magick-perl_6.8.9.9-7ubuntu5.17+tuxcare.els38_all.deb
    sha:674737ee44ba56ea3c8c33528928be94901f6744
  • libimage-magick-q16-perl_6.8.9.9-7ubuntu5.17+tuxcare.els38_amd64.deb
    sha:45aca000c6754c5cead4a9eb1d82f7d84262cfa8
  • libmagick++-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els38_all.deb
    sha:3d0e0a08ef873bca26b8bc747ac12ecd6681e0d6
  • libmagick++-6.q16-5v5_6.8.9.9-7ubuntu5.17+tuxcare.els38_amd64.deb
    sha:b55074b96c6b20cd2633cb838b0c1daa5c6b1824
  • libmagick++-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els38_amd64.deb
    sha:bea4e7061d39a09b084be19bcc3ed73845cd46b7
  • libmagick++-dev_6.8.9.9-7ubuntu5.17+tuxcare.els38_all.deb
    sha:24ac3672fb099e98fea0bb13420f2ee582efabc7
  • libmagickcore-6-arch-config_6.8.9.9-7ubuntu5.17+tuxcare.els38_amd64.deb
    sha:f8c8dc8ab72f50384119cf79f842336ba46822d0
  • libmagickcore-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els38_all.deb
    sha:626b4b2d8f255aa233fcee55a7f151208c7f4244
  • libmagickcore-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els38_amd64.deb
    sha:d278f6d4b05da6a7769f379ac52eb1e29b68d553
  • libmagickcore-6.q16-2-extra_6.8.9.9-7ubuntu5.17+tuxcare.els38_amd64.deb
    sha:73269f0b42f670c70aec85497a2ec3be060d98a2
  • libmagickcore-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els38_amd64.deb
    sha:1dd404b9107b53cedf2a3606df20a56b7240214d
  • libmagickcore-dev_6.8.9.9-7ubuntu5.17+tuxcare.els38_all.deb
    sha:65bcddd24ec778ac00c67eecfbf7e4ababf66e2f
  • libmagickwand-6-headers_6.8.9.9-7ubuntu5.17+tuxcare.els38_all.deb
    sha:1a782ce54cd418165d947f9095df216cdceae697
  • libmagickwand-6.q16-2_6.8.9.9-7ubuntu5.17+tuxcare.els38_amd64.deb
    sha:5f44a823c74f4689c275ba989f23000150786be3
  • libmagickwand-6.q16-dev_6.8.9.9-7ubuntu5.17+tuxcare.els38_amd64.deb
    sha:0b6cec1c18f16f773c0fd1617c87d5331c7fc91d
  • libmagickwand-dev_6.8.9.9-7ubuntu5.17+tuxcare.els38_all.deb
    sha:e7141cfb5d04943761697a4211467175043b39c8
  • perlmagick_6.8.9.9-7ubuntu5.17+tuxcare.els38_all.deb
    sha:84486f700561a961c6003b004b4fbaa8102a3953
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.