CLSA-2026-1774010101

See a problem?

Import Source

https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1774010101.json

JSON Data

https://api.osv.dev/v1/vulns/CLSA-2026-1774010101

Upstream

CVE-2026-25898

CVE-2026-25971

CVE-2026-25983

Published

2026-03-20T12:35:05Z

Modified

2026-06-04T09:47:31.744780729Z

Summary

Fix CVE(s): CVE-2026-25898, CVE-2026-25971, CVE-2026-25983

Details

SECURITY UPDATE: out-of-bound read with negative pixel index in UIL and XPM encoders
- debian/patches/CVE-2026-25898.patch: add bounds check on pixel index value returned by GetPixelIndex before using as array subscript
- CVE-2026-25898
SECURITY UPDATE: heap use-after-free in MSL repage and roll handlers
- debian/patches/CVE-2026-25983.patch: move null check before accessing image properties in repage and roll element handlers
- CVE-2026-25983
SECURITY UPDATE: stack overflow via infinite recursion in MSL write handler
- debian/patches/CVE-2026-25971.patch: check output format before calling WriteImage to prevent recursive MSL processing
- CVE-2026-25971

References

https://errata.tuxcare.com/els_os/ubuntu20.04els/CLSA-2026-1774010101.html

Affected packages

TuxCare:Ubuntu:20.04

imagemagick

Package

Name: imagemagick
Purl: pkg:deb/tuxcare/imagemagick?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1774010101.json"

imagemagick-6-common

Package

Name: imagemagick-6-common
Purl: pkg:deb/tuxcare/imagemagick-6-common?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1774010101.json"

imagemagick-6-doc

Package

Name: imagemagick-6-doc
Purl: pkg:deb/tuxcare/imagemagick-6-doc?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1774010101.json"

imagemagick-6.q16

Package

Name: imagemagick-6.q16
Purl: pkg:deb/tuxcare/imagemagick-6.q16?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1774010101.json"

imagemagick-6.q16hdri

Package

Name: imagemagick-6.q16hdri
Purl: pkg:deb/tuxcare/imagemagick-6.q16hdri?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1774010101.json"

imagemagick-common

Package

Name: imagemagick-common
Purl: pkg:deb/tuxcare/imagemagick-common?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1774010101.json"

imagemagick-doc

Package

Name: imagemagick-doc
Purl: pkg:deb/tuxcare/imagemagick-doc?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1774010101.json"

libimage-magick-perl

Package

Name: libimage-magick-perl
Purl: pkg:deb/tuxcare/libimage-magick-perl?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1774010101.json"

libimage-magick-q16-perl

Package

Name: libimage-magick-q16-perl
Purl: pkg:deb/tuxcare/libimage-magick-q16-perl?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1774010101.json"

libimage-magick-q16hdri-perl

Package

Name: libimage-magick-q16hdri-perl
Purl: pkg:deb/tuxcare/libimage-magick-q16hdri-perl?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1774010101.json"

libmagick++-6-headers

Package

Name: libmagick++-6-headers
Purl: pkg:deb/tuxcare/libmagick++-6-headers?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1774010101.json"

libmagick++-6.q16-8

Package

Name: libmagick++-6.q16-8
Purl: pkg:deb/tuxcare/libmagick++-6.q16-8?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1774010101.json"

libmagick++-6.q16-dev

Package

Name: libmagick++-6.q16-dev
Purl: pkg:deb/tuxcare/libmagick++-6.q16-dev?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1774010101.json"

libmagick++-6.q16hdri-8

Package

Name: libmagick++-6.q16hdri-8
Purl: pkg:deb/tuxcare/libmagick++-6.q16hdri-8?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1774010101.json"

libmagick++-6.q16hdri-dev

Package

Name: libmagick++-6.q16hdri-dev
Purl: pkg:deb/tuxcare/libmagick++-6.q16hdri-dev?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1774010101.json"

libmagick++-dev

Package

Name: libmagick++-dev
Purl: pkg:deb/tuxcare/libmagick++-dev?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1774010101.json"

libmagickcore-6-arch-config

Package

Name: libmagickcore-6-arch-config
Purl: pkg:deb/tuxcare/libmagickcore-6-arch-config?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1774010101.json"

libmagickcore-6-headers

Package

Name: libmagickcore-6-headers
Purl: pkg:deb/tuxcare/libmagickcore-6-headers?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1774010101.json"

libmagickcore-6.q16-6

Package

Name: libmagickcore-6.q16-6
Purl: pkg:deb/tuxcare/libmagickcore-6.q16-6?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1774010101.json"

libmagickcore-6.q16-6-extra

Package

Name: libmagickcore-6.q16-6-extra
Purl: pkg:deb/tuxcare/libmagickcore-6.q16-6-extra?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1774010101.json"

libmagickcore-6.q16-dev

Package

Name: libmagickcore-6.q16-dev
Purl: pkg:deb/tuxcare/libmagickcore-6.q16-dev?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1774010101.json"

libmagickcore-6.q16hdri-6

Package

Name: libmagickcore-6.q16hdri-6
Purl: pkg:deb/tuxcare/libmagickcore-6.q16hdri-6?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1774010101.json"

libmagickcore-6.q16hdri-6-extra

Package

Name: libmagickcore-6.q16hdri-6-extra
Purl: pkg:deb/tuxcare/libmagickcore-6.q16hdri-6-extra?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1774010101.json"

libmagickcore-6.q16hdri-dev

Package

Name: libmagickcore-6.q16hdri-dev
Purl: pkg:deb/tuxcare/libmagickcore-6.q16hdri-dev?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1774010101.json"

libmagickcore-dev

Package

Name: libmagickcore-dev
Purl: pkg:deb/tuxcare/libmagickcore-dev?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1774010101.json"

libmagickwand-6-headers

Package

Name: libmagickwand-6-headers
Purl: pkg:deb/tuxcare/libmagickwand-6-headers?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1774010101.json"

libmagickwand-6.q16-6

Package

Name: libmagickwand-6.q16-6
Purl: pkg:deb/tuxcare/libmagickwand-6.q16-6?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1774010101.json"

libmagickwand-6.q16-dev

Package

Name: libmagickwand-6.q16-dev
Purl: pkg:deb/tuxcare/libmagickwand-6.q16-dev?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1774010101.json"

libmagickwand-6.q16hdri-6

Package

Name: libmagickwand-6.q16hdri-6
Purl: pkg:deb/tuxcare/libmagickwand-6.q16hdri-6?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1774010101.json"

libmagickwand-6.q16hdri-dev

Package

Name: libmagickwand-6.q16hdri-dev
Purl: pkg:deb/tuxcare/libmagickwand-6.q16hdri-dev?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1774010101.json"

libmagickwand-dev

Package

Name: libmagickwand-dev
Purl: pkg:deb/tuxcare/libmagickwand-dev?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1774010101.json"

perlmagick

Package

Name: perlmagick
Purl: pkg:deb/tuxcare/perlmagick?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els18

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1774010101.json"