CVE-2022-48541: 
ImageMagick vulnerability analysis and mitigation

A memory leak vulnerability was identified in ImageMagick versions 7.0.10-45 and 6.9.11-22, tracked as CVE-2022-48541. The vulnerability allows remote attackers to perform a denial of service attack through the 'identify -help' command (CVE Details, NVD).

The vulnerability has a CVSS 3.1 Base Score of 7.1 (High), with the following characteristics: Network attack vector, Low attack complexity, No privileges required, User interaction required, Unchanged scope, No impact on confidentiality, Low impact on integrity, and High impact on availability. The issue specifically involves a memory leak that occurs when executing the 'identify -help' command (Ubuntu).

When exploited, this vulnerability can lead to a denial of service condition through memory resource exhaustion. The primary impact is on system availability, with a high severity rating for availability impact and a low impact on integrity (Ubuntu).

Multiple Linux distributions have released patches to address this vulnerability. Ubuntu has fixed the issue in versions 20.04 LTS, 18.04 LTS, 16.04 LTS, and 14.04 LTS through their ESM updates. Debian has addressed it in version 8:6.9.10.23+dfsg-2.1+deb10u7 for Debian 10 (buster). Fedora has released fixes in ImageMagick version 7.1.1.26-2 for both Fedora 38 and 39 (Debian LTS, Fedora).