Impact
A missing check of a return value in ImageMagick's MAT decoder on 32-bit systems allows a crafted MAT file to overwrite memory on the heap. This can corrupt application state, cause crashes, or potentially let an attacker execute arbitrary code if the corrupted memory is later used. The vulnerability is classified as a heap-based buffer overflow (CWE-122) and an incorrect check of a function return value (CWE-253).
Affected Systems
ImageMagick versions prior to 6.9.13-48 (6.x series) or 7.1.2-24 (7.x series) running on 32-bit platforms are affected. The issue is specific to the MAT decoder and does not exist in newer releases where the patch has been applied.
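The affected-version rule above can be applied to an inventory of `-version` banners. The following is an added example, not code from ImageMagick or OpenCVE; the host names, banner strings and the `pointer_bits` input (the pointer width of the ImageMagick build, gathered by the caller) are constructed assumptions.

```python
import re

# Fixed releases named in the advisory text above, one per release series.
FIXED = {6: (6, 9, 13, 48), 7: (7, 1, 2, 24)}

_VERSION_RE = re.compile(r"ImageMagick (\d+)\.(\d+)\.(\d+)-(\d+)")


def parse_version(banner):
    """Return (major, minor, patch, release) from a -version banner, or None."""
    m = _VERSION_RE.search(banner)
    return tuple(int(g) for g in m.groups()) if m else None


def triage(banner, pointer_bits):
    """Classify one install as patched / affected / outdated / unknown."""
    version = parse_version(banner)
    if version is None:
        return "unknown"      # unparseable banner: inspect by hand
    fixed = FIXED.get(version[0])
    if fixed is None:
        return "unknown"      # release series the advisory does not mention
    if version >= fixed:
        return "patched"
    # Older than the fix: the advisory limits the defect to 32-bit builds,
    # so 64-bit installs are only flagged as behind on updates.
    return "affected" if pointer_bits == 32 else "outdated"


# Constructed sample inventory (host, banner, pointer width); not real hosts.
SAMPLE = [
    ("img-01", "Version: ImageMagick 6.9.11-60 Q16 i686 https://imagemagick.org", 32),
    ("img-02", "Version: ImageMagick 6.9.13-48 Q16 i686 https://imagemagick.org", 32),
    ("img-03", "Version: ImageMagick 7.1.1-43 Q16-HDRI x86_64 https://imagemagick.org", 64),
    ("img-04", "Version: ImageMagick 7.1.2-24 Q16-HDRI x86_64 https://imagemagick.org", 64),
    ("img-05", "GraphicsMagick 1.3.42 Q16 https://www.graphicsmagick.org", 32),
]


def affected_hosts(inventory):
    """Hosts that match both conditions: pre-fix version and 32-bit build."""
    return [h for h, banner, bits in inventory if triage(banner, bits) == "affected"]


if __name__ == "__main__":
    for host, banner, bits in SAMPLE:
        print(host, triage(banner, bits))
```

Distribution packages can carry the fix under an older upstream version number, so a host reported as affected should also be checked against the vendor's own advisory.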
Risk and Exploitability
The CVSS score of 5.9 indicates moderate severity. The EPSS score of < 1% indicates a very low probability of exploitation, and the vulnerability is not listed in the KEV catalog, which suggests it has not yet been widely leveraged. The defect is triggered by processing a MAT file, which a remote adversary could supply, so the attack vector is likely remote. If an attacker can supply a malicious MAT payload, the resulting heap corruption can lead to denial of service or, in certain configurations, code execution. Careful monitoring of image uploads and applying the patch are recommended because the vulnerability could be used to disrupt services or compromise systems that rely on untrusted image input.