ImageMagick Memory Leak in ReadSTEGANOImage (CVE-2026-25796)

Thinking Process: 1. Analyze the Request: Role: Professional translator specializing in cybersecurity. Task: Translate a Chinese vulnerability intelligence summary to English. Constraint 1: Maintain all Markdown formatting intact. Constraint 2: Do not add any introductory or concluding remarks. Input: A structured vulnerability report in Chinese (with some English terms already present). Output: English translation of the content. 2. Analyze the Input Content: Header: (Key Vulnerability Information) Section 1: (Vulnerability Title) -> Content is already in English: Section 2: (Severity) -> Content: (Already English) Section 3: (Affected Versions) -> Content: , (Already English/Code) Section 4: (Fixed Versions) -> Content: , (Already English/Code) Section 5: (Vulnerability Description) -> Content: Chinese text describing the leak in , location , 3 early return paths, ~13.5KB leak, DoS potential. Section 6: (Vulnerability Information Example) -> Content: Code block (plaintext) showing ASAN output. (Already English) Section 7: -> Content: (Already English) Section 8: (Weakness Type) -> Content: （内存泄漏） -> Needs translation for the parenthetical part. Section 9: (Submitter) -> Content: (Already English/Username) 3. Translation Strategy: Keep Markdown headers ( , , , , code blocks). Translate Chinese headers to English equivalents commonly used in vulnerability reports. Translate the description paragraph accurately. Translate the parenthetical explanation in "Weakness Type". Ensure technical terms (Memory leak, early-return paths, Denial of Service, etc.) are used correctly. 4. Drafting the Translation: -> -> -> -> -> -> Description Text: "在 函数中（位于 ），watermark 图像对象在三个提前返回路径上未被释放，导致每次调用约 13.5KB 的确定性内存泄漏，可能被用于服务拒绝攻击。" Translation: "In the function (located in ), the watermark image object is not released on three early-return paths, resulting in a deterministic memory leak of approximately 13.5KB per call, which could be exploited for denial-of-service attacks." -> (Or ) -> -> Weakness Type Content: （内存泄漏） -> (Memory Leak) -> 5. Review and Refine: Check Markdown integrity. Check technical accuracy. Ensure no extra text is added. Self-Correction on Headers: -> is good. -> is standard. -> is standard. -> is standard. -> is standard. -> is standard. -> or . Let's stick close to the original meaning: . -> is standard (CWE context). -> is standard. Self-Correction on Description: "确定性内存泄漏" -> "deterministic memory leak". "服务拒绝攻击" -> "denial-of-service attacks" or "DoS attacks". "Denial-of-service attacks" is more formal. "提前返回路径" -> "early-return paths". Self-Correction on Weakness Type: （内存泄漏） -> (Memory Leak) 6. Final Polish: Combine everything ensuring the code block remains exactly as is (since it's already English/ASCII). Wait, one detail: The input has some English already in the content (like the title, severity, versions, CVE, code block). I should keep those as they are, only translating the Chinese parts (headers and description). Input: ... Output Plan: ... Wait, looking closely at the input:* The input actually has mixed Chinese and English. (Chinese header) (English content) (Chinese header) (English content) (Chinese header) ImageMagick... 已修复版本 - (English content) (Chinese header) ReadSTEGANOImage() (Chinese content) (Chinese header) (English content) (English header) CVE-2026-25796` 弱点类型 - （内存泄漏） 提交者 - 关键漏洞信息 Key Vulnerability Information 漏洞标题 Vulnerability Title 严重性 Severity 受影响版本 Affected Versions 已修复版本 Fixed Versions 漏洞描述 Vulnerability Description 漏洞信息示例 Vulnerability Information Example CVE ID CVE ID 弱点类型 Weakness Type 提交者 Submitter - 在 函数中（位于 ），watermark 图像对象在三个提前返回路径上未被释放，导致每次调用约 13.5KB 的确定性内存泄漏，可能被用于服务拒绝攻击。 - In the function (located in ), the watermark image object is not released on three early-return paths, resulting in a deterministic memory leak of approximately 13.5KB per call, which could be exploited for denial-of-service attacks. - （内存泄漏） - (Memory Leak) CVE ID 弱点类型 提交者 CVE ID 弱点类型 提交者 ImageMagick < 7.1.2-15 ImageMagick < 6.9.13-40 ImageMagick 7.1.2-15 ImageMagick 6.9.13-40 ReadSTEGANOImage() coders/stegano.c CVE-2026-25796 CWE-401 ylwango613`

Goal Reached Thanks to every supporter — we hit 100%!

ImageMagick Memory Leak in ReadSTEGANOImage (CVE-2026-25796)

More from this source