Summary: | <media-gfx/imagemagick-{6.9.9.18,7.0.7.6}: Multiple Vulnerabilities (CVE-2017-{14172,14173,14174,14175}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | D'juan McDonald (domhnall) <flopwiki> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | graphics+disabled |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://github.com/ImageMagick/ImageMagick/issues/ | ||
Whiteboard: | B3 [glsa cve] | ||
Package list: | Runtime testing required: | --- |
Description
D'juan McDonald (domhnall)
2017-09-07 15:34:38 UTC
@maintainer(s), further research points to multiple patches for each cve , located at upstream /issues/#. CVE-2017-14175 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14175): In coders/xbm.c in ImageMagick 7.0.6-1 Q16, a DoS in ReadXBMImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted XBM file, which claims large rows and columns fields in the header but does not contain sufficient backing data, is provided, the loop over the rows would consume huge CPU resources, since there is no EOF check inside the loop. CVE-2017-14174 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14174): In coders/psd.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSDLayersInternal() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large "length" field in the header but does not contain sufficient backing data, is provided, the loop over "length" would consume huge CPU resources, since there is no EOF check inside the loop. CVE-2017-14173 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14173): In the function ReadTXTImage() in coders/txt.c in ImageMagick 7.0.6-10, an integer overflow might occur for the addition operation "GetQuantumRange(depth)+1" when "depth" is large, producing a smaller value than expected. As a result, an infinite loop would occur for a crafted TXT file that claims a very large "max_value" value. CVE-2017-14172 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14172): In coders/ps.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large "extent" field in the header but does not contain sufficient backing data, is provided, the loop over "length" would consume huge CPU resources, since there is no EOF check inside the loop. Fixed in Gentoo via https://github.com/gentoo/gentoo/commit/e55c500d5efec48f8fb7aa3da8b27b9dc0b30dbf#diff-c3da9b5318c1a67d6927fb8032d46fe5 This issue was resolved and addressed in GLSA 201711-07 at https://security.gentoo.org/glsa/201711-07 by GLSA coordinator Aaron Bauman (b-man). |