Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Lightspeed
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Lightspeed
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2026:32961 - Security Advisory
Issued:
2026-06-29
Updated:
2026-06-29

RHSA-2026:32961 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: ImageMagick security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for ImageMagick is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats.

Security Fix(es):

  • ImageMagick: ImageMagick: Denial of Service via out-of-bounds write when processing multiple images (CVE-2026-46520)
  • ImageMagick: ImageMagick: Denial of Service via crafted MIFF file (CVE-2026-46522)
  • ImageMagick: ImageMagick: Denial of Service due to excessive resource use in MNG coder (CVE-2026-45664)
  • ImageMagick: ImageMagick: Denial of Service due to resource policy bypass in PSD decoder (CVE-2026-45031)
  • ImageMagick: ImageMagick: Denial of Service via crafted MSL image leading to heap-use-after-free (CVE-2026-46523)
  • ImageMagick: ImageMagick: Heap buffer over-write via `magick -distribute-cache` service connection (CVE-2026-46692)
  • ImageMagick: ImageMagick: Denial of Service via missing memory request check (CVE-2026-53460)
  • ImageMagick: ImageMagick: Denial of Service via crafted DCM image with invalid dimensions (CVE-2026-49218)
  • ImageMagick: ImageMagick: Arbitrary code execution via SVG decoder command injection (CVE-2026-56379)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux Server - Extended Life Cycle Support 7 x86_64
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 7 s390x
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, big endian 7 ppc64
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, little endian 7 ppc64le

Fixes

  • BZ - 2487729 - CVE-2026-46520 ImageMagick: ImageMagick: Denial of Service via out-of-bounds write when processing multiple images
  • BZ - 2487730 - CVE-2026-46522 ImageMagick: ImageMagick: Denial of Service via crafted MIFF file
  • BZ - 2487732 - CVE-2026-45664 ImageMagick: ImageMagick: Denial of Service due to excessive resource use in MNG coder
  • BZ - 2487734 - CVE-2026-45031 ImageMagick: ImageMagick: Denial of Service due to resource policy bypass in PSD decoder
  • BZ - 2487743 - CVE-2026-46523 ImageMagick: ImageMagick: Denial of Service via crafted MSL image leading to heap-use-after-free
  • BZ - 2487749 - CVE-2026-46692 ImageMagick: ImageMagick: Heap buffer over-write via `magick -distribute-cache` service connection
  • BZ - 2487757 - CVE-2026-53460 ImageMagick: ImageMagick: Denial of Service via missing memory request check
  • BZ - 2487763 - CVE-2026-49218 ImageMagick: ImageMagick: Denial of Service via crafted DCM image with invalid dimensions
  • BZ - 2491700 - CVE-2026-56379 ImageMagick: ImageMagick: Arbitrary code execution via SVG decoder command injection

CVEs

  • CVE-2026-45031
  • CVE-2026-45664
  • CVE-2026-46520
  • CVE-2026-46522
  • CVE-2026-46523
  • CVE-2026-46692
  • CVE-2026-49218
  • CVE-2026-53460
  • CVE-2026-56379

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - Extended Life Cycle Support 7

SRPM
ImageMagick-6.9.10.68-17.el7_9.src.rpm SHA-256: 6fffda9de90f32335f7816a5ada98f623a377e6cef5f7f611f3ce4d3f87cc535
x86_64
ImageMagick-6.9.10.68-17.el7_9.i686.rpm SHA-256: 6a46999698ee9bc133c4ee6690c818278d290025606996ae3d740ecbbb9a6420
ImageMagick-6.9.10.68-17.el7_9.x86_64.rpm SHA-256: ac15f72b885ca4d887b93e0d2bafbbd500840f298aea043ff802c5f87d8193a7
ImageMagick-c++-6.9.10.68-17.el7_9.i686.rpm SHA-256: c3dfdd414c409ac259f6ac2b66707169fd711997bf5557b6da4c0d1b87201611
ImageMagick-c++-6.9.10.68-17.el7_9.x86_64.rpm SHA-256: 65808a39c9610e205ba329bb86012f3d4b6926d2b5de1d71af7f8333f9454d49
ImageMagick-c++-devel-6.9.10.68-17.el7_9.i686.rpm SHA-256: d200317965d1af96d3b7f5eddb9a77a1e368aae996b565f8d40388f9be02c3ad
ImageMagick-c++-devel-6.9.10.68-17.el7_9.x86_64.rpm SHA-256: 14aafc53b8c6ad6fb3867c3fbd8ddd96f1ef74e2feadd0b8288529513c0e4ed6
ImageMagick-debuginfo-6.9.10.68-17.el7_9.i686.rpm SHA-256: c3d76f1224780bba48d46fa3543f163084b2556bb9dfb7e6582fbbe74e4f4343
ImageMagick-debuginfo-6.9.10.68-17.el7_9.i686.rpm SHA-256: c3d76f1224780bba48d46fa3543f163084b2556bb9dfb7e6582fbbe74e4f4343
ImageMagick-debuginfo-6.9.10.68-17.el7_9.x86_64.rpm SHA-256: b780afc702d13f6c9ab0ca40a5cc94a1e7fb289537599aa1bddf525c2e550c22
ImageMagick-debuginfo-6.9.10.68-17.el7_9.x86_64.rpm SHA-256: b780afc702d13f6c9ab0ca40a5cc94a1e7fb289537599aa1bddf525c2e550c22
ImageMagick-devel-6.9.10.68-17.el7_9.i686.rpm SHA-256: d2df70f88a941612158b0a49273463c8ed49462b63eb525bc42ac15e63345cf3
ImageMagick-devel-6.9.10.68-17.el7_9.x86_64.rpm SHA-256: 8708ac99ca191f58ccc115ada0cc554f6e66ed1fed29050a33e0f46907cfd024
ImageMagick-doc-6.9.10.68-17.el7_9.x86_64.rpm SHA-256: 3eac22a989193ac1560aff25ef78d949ab585b8635b69f062ff09fca0186ba2e
ImageMagick-perl-6.9.10.68-17.el7_9.x86_64.rpm SHA-256: 9ac37729d2254fcb413b9d396ed9483c97a29089519b943c3a9e0b7d838d1e99

Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 7

SRPM
ImageMagick-6.9.10.68-17.el7_9.src.rpm SHA-256: 6fffda9de90f32335f7816a5ada98f623a377e6cef5f7f611f3ce4d3f87cc535
s390x
ImageMagick-6.9.10.68-17.el7_9.s390.rpm SHA-256: 973bd68748f171dab086c32cec3003bdb77a3a9d7d2d1137c29ce1ecf4c2abcd
ImageMagick-6.9.10.68-17.el7_9.s390x.rpm SHA-256: feed3d0e3c8a620b14e8828756c3baae73fff61a376cab813497230393fcd244
ImageMagick-c++-6.9.10.68-17.el7_9.s390.rpm SHA-256: dc858168879cba498e0ea85dd8b57895cefcb2a8d46f041a589342aebc7c2dfc
ImageMagick-c++-6.9.10.68-17.el7_9.s390x.rpm SHA-256: 52a9fae9674f1e7b21367f1797d19838f8d5ccb4ddf45cfbfdd540bed2269bb6
ImageMagick-c++-devel-6.9.10.68-17.el7_9.s390.rpm SHA-256: dc2512630e9e3f2a54ae1531b3ef9c2902d0a95957d953720df48108efc5c626
ImageMagick-c++-devel-6.9.10.68-17.el7_9.s390x.rpm SHA-256: 1ac5f30f6408f4cb66650264d353c25ef0ec45a73655d50b3089c75653034c83
ImageMagick-debuginfo-6.9.10.68-17.el7_9.s390.rpm SHA-256: 069169775a9866994391794cddc144ba1518ec21f70c9fdab522e3ba5e781655
ImageMagick-debuginfo-6.9.10.68-17.el7_9.s390.rpm SHA-256: 069169775a9866994391794cddc144ba1518ec21f70c9fdab522e3ba5e781655
ImageMagick-debuginfo-6.9.10.68-17.el7_9.s390x.rpm SHA-256: 5a3ee0ec6fc52d191f61d551b239430ae1b2d82f6c4f79a7ffdade7b0c20f043
ImageMagick-debuginfo-6.9.10.68-17.el7_9.s390x.rpm SHA-256: 5a3ee0ec6fc52d191f61d551b239430ae1b2d82f6c4f79a7ffdade7b0c20f043
ImageMagick-devel-6.9.10.68-17.el7_9.s390.rpm SHA-256: d39d11fe77292f2fa80ff14ae3d9102ff0b094933c51cfa2a7231154736726ac
ImageMagick-devel-6.9.10.68-17.el7_9.s390x.rpm SHA-256: 4b1d527adca610f63e08730ff8f42469705bd0467e3b303248f61bbd9db712bb
ImageMagick-doc-6.9.10.68-17.el7_9.s390x.rpm SHA-256: 7ad8ee2d8b62536499a533a0895154d0bbd25e22d45e40466ed5681c9f8467e2
ImageMagick-perl-6.9.10.68-17.el7_9.s390x.rpm SHA-256: 191903eda3264e872a8ef3f957e8e0ca6e4df695f331277ba4a0b5e0ac54fe85

Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, big endian 7

SRPM
ImageMagick-6.9.10.68-17.el7_9.src.rpm SHA-256: 6fffda9de90f32335f7816a5ada98f623a377e6cef5f7f611f3ce4d3f87cc535
ppc64
ImageMagick-6.9.10.68-17.el7_9.ppc.rpm SHA-256: e324444002ad5f9e58cae5d941528245acf8d846d42ff179fb1d29f845a47305
ImageMagick-6.9.10.68-17.el7_9.ppc64.rpm SHA-256: 774e96ca22d4470da980151c6579c10caf47c01fc71590bbe49221aa3e46f1d6
ImageMagick-c++-6.9.10.68-17.el7_9.ppc.rpm SHA-256: 91a77bc8c5a338c546fcd8d575caa79ac1fd26b8b38eff805eeead300dea7e0e
ImageMagick-c++-6.9.10.68-17.el7_9.ppc64.rpm SHA-256: 46672db74e08dd905ffcbcfbcfb665f64bd742dcf9663f88f5f878a7bf461dd9
ImageMagick-c++-devel-6.9.10.68-17.el7_9.ppc.rpm SHA-256: 62c306c16d0183e72e6c507c33802018acb9efe17ca69cbafa29043ffb810e54
ImageMagick-c++-devel-6.9.10.68-17.el7_9.ppc64.rpm SHA-256: 45ef9d8ec5a0b4bfce80bc4fdab2b33724f48c26f02ce682fb9e44d1c0babe12
ImageMagick-debuginfo-6.9.10.68-17.el7_9.ppc.rpm SHA-256: 8fb00e8330eff1085ac1907b3ec92ce04137997a8bd6b7be6cbf1c9e7f3e7224
ImageMagick-debuginfo-6.9.10.68-17.el7_9.ppc.rpm SHA-256: 8fb00e8330eff1085ac1907b3ec92ce04137997a8bd6b7be6cbf1c9e7f3e7224
ImageMagick-debuginfo-6.9.10.68-17.el7_9.ppc64.rpm SHA-256: 5d7c1ab332225cc83beedc17eb9a65f9826c13397422f222c80c943f6e3acad2
ImageMagick-debuginfo-6.9.10.68-17.el7_9.ppc64.rpm SHA-256: 5d7c1ab332225cc83beedc17eb9a65f9826c13397422f222c80c943f6e3acad2
ImageMagick-devel-6.9.10.68-17.el7_9.ppc.rpm SHA-256: d5c9647ef0bd62fd37c892269e242b7b0f84bcb02da026338769034e91500471
ImageMagick-devel-6.9.10.68-17.el7_9.ppc64.rpm SHA-256: a2786bffb3059410ad111639c2aae577b57ad50d7b5b4b3dac405984db6cf525
ImageMagick-doc-6.9.10.68-17.el7_9.ppc64.rpm SHA-256: 364fac0f9ac987b61f079c32f1e3447f6b0bb242ebb8b9034eea13e065e7ebba
ImageMagick-perl-6.9.10.68-17.el7_9.ppc64.rpm SHA-256: 7c27c660a22fc02414b67976f5f8969c304f662d14facab83e5e78e9f23739ff

Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, little endian 7

SRPM
ImageMagick-6.9.10.68-17.el7_9.src.rpm SHA-256: 6fffda9de90f32335f7816a5ada98f623a377e6cef5f7f611f3ce4d3f87cc535
ppc64le
ImageMagick-6.9.10.68-17.el7_9.ppc64le.rpm SHA-256: a369d4e6b771182922162f793783c0df2e502ec0fbf9274c15f8062dd3c051a7
ImageMagick-c++-6.9.10.68-17.el7_9.ppc64le.rpm SHA-256: 52fa148e2513a3bb5debb305e6fbb26a4e009e27b831e06b968810e5b673a06a
ImageMagick-c++-devel-6.9.10.68-17.el7_9.ppc64le.rpm SHA-256: 8a64234bea3bae7a415e9ce4618434052cf7131f3f36be741306585c61101c3f
ImageMagick-debuginfo-6.9.10.68-17.el7_9.ppc64le.rpm SHA-256: 0b5db762cf4fbf2bf04baface9162f3c97c20a42a3391d31f581e3d590fd0428
ImageMagick-debuginfo-6.9.10.68-17.el7_9.ppc64le.rpm SHA-256: 0b5db762cf4fbf2bf04baface9162f3c97c20a42a3391d31f581e3d590fd0428
ImageMagick-devel-6.9.10.68-17.el7_9.ppc64le.rpm SHA-256: e6b7500ab77d1469a3843340b3e7caee5fd53930bc0860860cccbcbdf738f157
ImageMagick-doc-6.9.10.68-17.el7_9.ppc64le.rpm SHA-256: 2e153dda567a055ffebbaba22dbcf6c2b4d75509a2a10b65ec8b9db21096f02f
ImageMagick-perl-6.9.10.68-17.el7_9.ppc64le.rpm SHA-256: 1ea922e1f7febb726c4de940a3e6d9cbf05fd32db59a700c80285d19b914f891

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2026 Red Hat

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility