CVEReports

Automated vulnerability intelligence platform. Comprehensive reports for high-severity CVEs generated by AI.

© 2026 CVEReports. All rights reserved.

Made with love by Amit Schendel & Alon Barad



CVE-2023-1289: Uncontrolled Recursion Denial of Service in ImageMagick SVG Processing

Alon Barad
Software Engineer

Mar 12, 2026 · 7 min read

PoC Available

Executive Summary (TL;DR)

A vulnerability in ImageMagick's SVG rendering allows attackers to cause a Denial of Service by supplying a recursive SVG file, leading to segmentation faults and rapid disk exhaustion via temporary files.

ImageMagick versions prior to 7.1.1-0 are vulnerable to a Denial of Service (DoS) flaw caused by uncontrolled recursion when parsing specially crafted SVG files. This vulnerability leads to process crashes via stack exhaustion and severe disk space exhaustion due to the generation of massive temporary files.

Vulnerability Overview

ImageMagick provides robust image processing capabilities, including the conversion and rendering of SVG files. The software relies on an internal drawing engine, implemented in MagickCore/draw.c, to parse and execute vector graphic instructions. When the engine encounters nested elements such as <image> tags within an SVG, it invokes a sub-rendering process to handle the external or internal references.

A vulnerability exists in this sub-rendering process where recursion limits are improperly enforced. The drawing engine fails to track the depth of nested image processing accurately due to a flaw in how image state information is duplicated. This oversight permits an attacker to supply a crafted SVG file containing self-referential or cyclical inclusions.

Processing a cyclical SVG file forces ImageMagick into an uncontrolled recursive loop. The application continuously spawns new rendering contexts until the system terminates the process due to a segmentation fault from stack exhaustion. Concurrently, the engine generates substantial temporary file output, degrading system availability.

The ImageInfo structure is the per-read configuration that ImageMagick's coders receive. It carries the input filename and format, read options such as size and density, and bookkeeping such as the recursion_depth counter that ReadImage uses to bound nested reads. Carrying that state correctly from one read into the reads it spawns is what keeps nested formats like SVG bounded.

Root Cause Analysis

The root cause of CVE-2023-1289 lies in how rendering state is propagated when an SVG <image> element makes DrawPrimitive read another image. Before 7.1.1-0, DrawPrimitive duplicated the parent's ImageInfo with CloneImageInfo, a full copy of the structure, and handed that copy to the nested read.

ReadImage bounds nested reads by checking the recursion_depth counter in the ImageInfo it receives against MagickMaxRecursionDepth. The shape of the fix shows where the vulnerable path went wrong: the nested read needs a fresh ImageInfo that carries only the caller's recursion_depth, whereas the wholesale clone carried the parent's read state into the child. With the cloned structure the depth check did not stop a self-referential inclusion, and every level of the SVG pulled the same file in again.

While the recursion runs, each level passes through ImageMagick's read path, which writes intermediate data to temporary files (under MAGICK_TMPDIR, by default /tmp), and SVG rendering can additionally invoke an external delegate such as Inkscape or rsvg-convert that does the same. Because nothing halts the recursion, these files accumulate continuously until the process dies.

Without a depth counter shared between the parent context and the child it spawns, nothing evaluates how deep the call stack has grown. The engine allocates a new rendering context for every level until the stack, the disk, or both are exhausted.

Code Analysis

The patch implemented in commit c5b23cbf2119540725e6dc81f4deb25798ead6a4 corrects the state management within MagickCore/draw.c. The maintainers modified the variable initialization block inside the DrawPrimitive function. The primary change replaces the deep copy approach with a precise, explicit state assignment.

The vulnerable implementation used clone_info=CloneImageInfo(draw_info->image_info);, copying the parent's entire ImageInfo into the child read. The patch replaces this with clone_info=AcquireImageInfo();, a freshly initialized structure, and then explicitly carries over only the depth with clone_info->recursion_depth=draw_info->image_info->recursion_depth;.

@@ -5585,7 +5585,8 @@ MagickExport MagickBooleanType DrawPrimitive(Image *image,
 
       if (primitive_info->text == (char *) NULL)
         break;
-      clone_info=CloneImageInfo(draw_info->image_info);
+      clone_info=AcquireImageInfo();
+      clone_info->recursion_depth=draw_info->image_info->recursion_depth;
       composite_images=(Image *) NULL;
       if (LocaleNCompare(primitive_info->text,"data:",5) == 0)
         composite_images=ReadInlineImage(clone_info,primitive_info->text,
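Review bot: the recursion_depth copied onto the new clone_info is never incremented in this hunk, so the depth bound rests entirely on ReadInlineImage and ReadImage bumping and checking it on the fresh structure; a one-line comment above the copy stating that contract would make clear to the next reader why this single field, and only this field, is carried over. It is also worth confirming that the data: path through ReadInlineImage enforces the limit the same way the file path does, since both now receive clone_info, and noting which parent settings AcquireImageInfo() deliberately drops relative to the old CloneImageInfo copy.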

This modification ensures that the nested read starts from default settings instead of inheriting the parent's state. Because recursion_depth is carried over explicitly, each nested ReadImage sees the true depth of the active invocation chain and can terminate the operation once it reaches MagickMaxRecursionDepth. The fix covers this specific code path: the bound now follows the actual call stack rather than whatever the parent structure happened to hold.

Exploitation and Attack Methodology

Exploitation of CVE-2023-1289 requires the target application to process user-supplied SVG files with a vulnerable ImageMagick. No authentication is needed wherever the processing endpoint is reachable without it, such as a profile picture upload or a media format conversion tool. Attack complexity is low: the payload is ordinary SVG syntax, and a single request is enough.

The exploit payload is a minimal SVG whose <image> element references the file under its own name (saved as recursive.svg in the example below), or two files that reference each other. When ImageMagick parses the href attribute, DrawPrimitive reads the referenced file, which contains the same <image> element, and the recursion begins.

<!-- save as recursive.svg: the <image> element re-reads this same file -->
<svg width="100" height="100" xmlns="http://www.w3.org/2000/svg">
  <image href="recursive.svg" width="100" height="100" />
</svg>

The recursion deepens quickly: every level consumes stack and leaves more temporary files in /tmp. The attack completes when the kernel delivers SIGSEGV for the exhausted stack or, on a small /tmp partition, when the filesystem fills first.

Impact Assessment

The primary impact of CVE-2023-1289 is a severe Denial of Service condition affecting application availability. The vulnerability manifests in two concurrent resource exhaustion vectors: stack memory depletion and disk space consumption. The stack exhaustion guarantees a process crash, effectively terminating the specific ImageMagick rendering thread.

The disk space consumption poses a broader threat to system stability. The expansion ratio reported for this issue is approximately 103:1: processing a 100 MB cyclical SVG generates on the order of 10 GB of temporary files in /tmp. Where the /tmp partition is shared with other processes, filling it can fail services across the host.

In cloud environments relying on ephemeral storage or strict container storage quotas, this vulnerability triggers rapid out-of-space errors. Container orchestration platforms like Kubernetes may subsequently terminate and restart the affected pods, resulting in localized service degradation. Attackers can leverage this behavior to perform sustained denial of service attacks by continuously submitting cyclical SVG payloads.

The CVSS v3.1 base score of 5.5 reflects the localized nature of the attack vector. While the vulnerability is triggered via user interaction (uploading a file), the lack of privilege requirements and the high impact on availability make it a significant risk for web applications. Shared hosting environments are particularly susceptible to the disk exhaustion vector.

Remediation and Mitigation

The authoritative remediation for CVE-2023-1289 is upgrading ImageMagick to version 7.1.1-0 or a later release. This version incorporates the patch that correctly initializes the ImageInfo structure and propagates the recursion depth limit. Administrators relying on distribution-provided packages should apply the relevant security updates from their OS vendor.

If upgrading is not immediately feasible, apply mitigations through ImageMagick's policy.xml (typically /etc/ImageMagick-7/policy.xml, or /etc/ImageMagick-6/policy.xml on the 6.x series). Resource policies cap what a single conversion may consume, and the coder policy can refuse SVG input outright. Capping disk and map usage limits the damage a runaway conversion can do; disabling the SVG coders removes the vulnerable path entirely, at the cost of all SVG support. Verify the effective policy with magick -list policy (identify -list policy on 6.x) after editing the file.

<policymap>
  <!-- cap the pixel cache's spill to disk and its memory map -->
  <policy domain="resource" name="disk" value="1GiB"/>
  <policy domain="resource" name="map" value="512MiB"/>
  <!-- keep temporary files off the shared /tmp (example path; use a dedicated, quota-limited filesystem) -->
  <policy domain="resource" name="temporary-path" value="/var/tmp/imagemagick"/>
  <!-- refuse SVG input entirely, including the internal MSVG renderer -->
  <policy domain="coder" rights="none" pattern="{SVG,MSVG}"/>
</policymap>
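Where SVG support cannot simply be switched off, an application can screen uploads before ImageMagick sees them. The script below is an added example, not code from this report or from ImageMagick, and it generalizes beyond the self-referencing file above: it rejects any <image> that points at a file or URL (which covers both the single-file and the two-file cyclic case), recurses into inline data: SVG payloads so that SVG-in-SVG nesting is bounded, and refuses malformed XML. MAX_INLINE_DEPTH is a policy choice for this example, not an ImageMagick constant, and the sample documents are constructed.

```python
"""Pre-screen uploaded SVGs before they reach ImageMagick: reject <image> inclusions that
point at files (the self-referential and two-file cyclic cases) and bound how deeply
inline data: SVGs may nest. Defence in depth only; upgrading ImageMagick is the fix."""
import base64
import re
import xml.etree.ElementTree as ET   # for hostile input in production, prefer defusedxml
from urllib.parse import unquote

SVG_NS = "{http://www.w3.org/2000/svg}"
XLINK_HREF = "{http://www.w3.org/1999/xlink}href"
MAX_INLINE_DEPTH = 3   # policy choice for this example, not an ImageMagick constant

DATA_URI_RE = re.compile(r"^data:(?P<mime>[^;,]*)(?P<params>(?:;[^,]*)*),(?P<payload>.*)$", re.S)


def image_hrefs(svg_bytes):
    """Return the href of every <image> element (SVG 2 'href' and legacy 'xlink:href')."""
    root = ET.fromstring(svg_bytes)
    hrefs = []
    for el in root.iter():
        if el.tag in (SVG_NS + "image", "image"):
            for key in ("href", XLINK_HREF):
                if key in el.attrib:
                    hrefs.append(el.attrib[key].strip())
    return hrefs


def decode_data_uri(href):
    """Return (mime, payload_bytes) for a data: URI, or None for any other reference.
    Raises ValueError on undecodable base64."""
    m = DATA_URI_RE.match(href)
    if m is None:
        return None
    mime, params, payload = m.group("mime").lower(), m.group("params").lower(), m.group("payload")
    if ";base64" in params:
        return mime, base64.b64decode(payload, validate=True)
    return mime, unquote(payload).encode()


def screen_svg(svg_bytes, depth=0):
    """Return (accepted, reason). Walks inline SVG payloads recursively with a depth bound."""
    if depth > MAX_INLINE_DEPTH:
        return False, "inline SVG nesting deeper than %d levels" % MAX_INLINE_DEPTH
    try:
        hrefs = image_hrefs(svg_bytes)
    except ET.ParseError as exc:
        return False, "not well-formed XML: %s" % exc
    for href in hrefs:
        try:
            decoded = decode_data_uri(href)
        except ValueError:
            return False, "malformed data: URI in <image>"
        if decoded is None:
            # A path or URL: ImageMagick would ReadImage() it, which is the recursion entry point.
            return False, "non-inline <image> reference rejected: %r" % href[:80]
        mime, payload = decoded
        if mime in ("image/svg+xml", "image/svg") or payload.lstrip().startswith(b"<"):
            ok, why = screen_svg(payload, depth + 1)
            if not ok:
                return False, why
    return True, "accepted"


# Constructed samples for illustration (not taken from the report)
SELF_REF_SVG = b'''<svg width="100" height="100" xmlns="http://www.w3.org/2000/svg">
  <image href="recursive.svg" width="100" height="100" />
</svg>'''

XLINK_REF_SVG = b'''<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">
  <image xlink:href="/var/uploads/other.svg" width="1" height="1"/>
</svg>'''

PNG_INLINE_SVG = (b'<svg xmlns="http://www.w3.org/2000/svg" width="1" height="1">'
                  b'<image href="data:image/png;base64,'
                  + base64.b64encode(b"\x89PNG\r\n\x1a\n" + b"\0" * 16)
                  + b'" width="1" height="1"/></svg>')


def nested_inline_svg(levels):
    """Build an SVG whose <image> holds a data: SVG, `levels` deep, to exercise the depth bound."""
    doc = b'<svg xmlns="http://www.w3.org/2000/svg" width="1" height="1"/>'
    for _ in range(levels):
        uri = b"data:image/svg+xml;base64," + base64.b64encode(doc)
        doc = (b'<svg xmlns="http://www.w3.org/2000/svg" width="1" height="1">'
               b'<image href="' + uri + b'" width="1" height="1"/></svg>')
    return doc


if __name__ == "__main__":
    for name, doc in (("self-reference", SELF_REF_SVG), ("xlink path", XLINK_REF_SVG),
                      ("inline PNG", PNG_INLINE_SVG), ("3 nested inline SVGs", nested_inline_svg(3)),
                      ("5 nested inline SVGs", nested_inline_svg(5))):
        print("%-22s -> %s" % (name, screen_svg(doc)))
```

Run the screen on the raw upload before writing it anywhere ImageMagick can reach; rejecting every non-inline reference is deliberately stricter than ImageMagick itself, because a file reference is exactly the step that turns one upload into an unbounded chain of reads.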

Security teams should monitor system logs for frequent ImageMagick process crashes resulting in SIGSEGV. Additionally, monitoring /tmp directory space utilization can provide early warning signs of an ongoing resource exhaustion attack. Rapid, anomalous growth in temporary files is a strong indicator of exploitation attempts.
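The two signals above can be checked mechanically. The script below is an added example, not part of this report or of any ImageMagick tooling: it pulls kernel segfault records for ImageMagick front ends out of syslog-format lines, flags bursts of crashes within a sliding window, and measures the count and size of leftover ImageMagick temporary files (which ImageMagick names magick-*) in a directory. The log lines are constructed for illustration, and the binary names, window and threshold are tuning choices, not values from the report.

```python
"""Detection helpers for CVE-2023-1289 style abuse: bursts of ImageMagick segfaults in
kernel/syslog output, and leftover ImageMagick temporary files under a tmp directory.
Log lines below are constructed for illustration, not captured from a real host."""
import os
import re
import tempfile
from datetime import datetime, timedelta

# ImageMagick command-line front ends whose crashes we care about (tuning choice)
MAGICK_BINARIES = {"convert", "magick", "identify", "mogrify", "display"}

# "<ts> <host> kernel: [uptime] <binary>[<pid>]: segfault at <addr> ..." in syslog format (no year)
SEGFAULT_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2} +\d{1,2} \d{2}:\d{2}:\d{2}) \S+ kernel: "
    r"(?:\[ *[\d.]+\] )?(?P<bin>[\w.-]+)\[(?P<pid>\d+)\]: segfault at (?P<addr>[0-9a-f]+)")

SAMPLE_LOG = """\
Mar 12 10:15:01 web01 kernel: [123456.789012] convert[4321]: segfault at 7ffc12340ff8 ip 00007f3a1b2c3d4e sp 00007ffc12340ff0 error 6 in libMagickCore-7.Q16HDRI.so.10.0.1[7f3a1b000000+400000]
Mar 12 10:15:09 web01 sshd[1200]: Accepted publickey for deploy from 10.0.0.5 port 51022 ssh2
Mar 12 10:15:12 web01 kernel: [123467.001122] convert[4330]: segfault at 7ffd5678aff8 ip 00007f3a1b2c3d4e sp 00007ffd5678aff0 error 6 in libMagickCore-7.Q16HDRI.so.10.0.1[7f3a1b000000+400000]
Mar 12 10:15:20 web01 kernel: [123475.334455] magick[4338]: segfault at 7ffe9abcdff8 ip 00007f3a1b2c3d4e sp 00007ffe9abcdff0 error 6 in libMagickCore-7.Q16HDRI.so.10.0.1[7f3a1b000000+400000]
Mar 12 10:15:25 web01 kernel: [123480.667788] python3[4400]: segfault at 0 ip 00005599aabbccdd sp 00007ffc00000000 error 4 in python3.11[5599aa000000+2e0000]
Mar 12 10:15:29 web01 kernel: [123484.990011] convert[4345]: segfault at 7ffc0000eff8 ip 00007f3a1b2c3d4e sp 00007ffc0000eff0 error 6 in libMagickCore-7.Q16HDRI.so.10.0.1[7f3a1b000000+400000]
Mar 12 10:25:30 web01 kernel: [124085.000000] convert[4600]: segfault at 7ffc0000eff8 ip 00007f3a1b2c3d4e sp 00007ffc0000eff0 error 6 in libMagickCore-7.Q16HDRI.so.10.0.1[7f3a1b000000+400000]
"""


def magick_segfaults(lines):
    """Return (timestamp, pid, binary) for every kernel segfault line from an ImageMagick binary."""
    events = []
    for line in lines:
        m = SEGFAULT_RE.match(line)
        if m and m.group("bin") in MAGICK_BINARIES:
            # syslog carries no year; strptime fills in 1900, which is fine for deltas within one log
            ts = datetime.strptime(m.group("ts"), "%b %d %H:%M:%S")
            events.append((ts, int(m.group("pid")), m.group("bin")))
    return events


def crash_bursts(events, window=timedelta(seconds=60), threshold=3):
    """Sliding window over crash times; returns (window_start, count) for each non-overlapping
    window that holds at least `threshold` crashes."""
    times = sorted(ts for ts, _, _ in events)
    bursts, i, j = [], 0, 0
    while i < len(times):
        while j < len(times) and times[j] - times[i] <= window:
            j += 1
        if j - i >= threshold:
            bursts.append((times[i], j - i))
            i = j            # do not re-report the same crashes
        else:
            i += 1
    return bursts


def magick_tmp_usage(tmp_dir):
    """Count and total size of ImageMagick temporary files (named magick-*) directly in tmp_dir."""
    count = total = 0
    with os.scandir(tmp_dir) as it:
        for entry in it:
            if entry.name.startswith("magick-") and entry.is_file(follow_symlinks=False):
                count += 1
                total += entry.stat(follow_symlinks=False).st_size
    return count, total


def demo_tmp_usage():
    """Build a throwaway directory with constructed leftovers and measure it."""
    with tempfile.TemporaryDirectory() as d:
        for name, size in (("magick-1a2b3c", 1000), ("magick-4d5e6f", 2048), ("unrelated.txt", 5)):
            with open(os.path.join(d, name), "wb") as f:
                f.write(b"\0" * size)
        return magick_tmp_usage(d)


if __name__ == "__main__":
    events = magick_segfaults(SAMPLE_LOG.splitlines())
    for start, n in crash_bursts(events):
        print("ALERT: %d ImageMagick segfaults within 60s starting %s" % (n, start.strftime("%H:%M:%S")))
    print("leftover magick-* files in demo dir: count=%d bytes=%d" % demo_tmp_usage())
```

On a real host, feed magick_segfaults the output of journalctl -k or /var/log/kern.log and point magick_tmp_usage at MAGICK_TMPDIR or the temporary-path from policy.xml; a burst alert together with a rising magick-* total is the pattern this vulnerability produces.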


Technical Appendix

CVSS Score: 5.5 / 10
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS Probability: 0.10% (top 72% most exploited)

Affected Systems

  • ImageMagick
  • Fedora 36
  • Fedora 37
  • Red Hat Enterprise Linux 8
  • Red Hat Enterprise Linux 9
  • Debian (Buster/LTS)
  • Amazon Linux
  • openSUSE

Affected Versions Detail

Product        Affected Versions    Fixed Version
ImageMagick    < 7.1.1-0            7.1.1-0

Attribute           Detail
CWE ID              CWE-674
CVSS Score          5.5
Attack Vector       Local (User Interaction Required)
Impact              High Availability (DoS)
Exploit Status      Proof of Concept
EPSS Probability    0.10%

MITRE ATT&CK Mapping

  • T1190 Exploit Public-Facing Application (Initial Access)

CWE-674: Uncontrolled Recursion

The product does not properly control the amount of recursion that takes place, consuming excessive resources, such as allocated memory or the program stack.

