Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 643912 (CVE-2017-18022, CVE-2018-5246, CVE-2018-5247, CVE-2018-5248)

Summary: <media-gfx/imagemagick-{,}: Multiple memory leaks
Product: Gentoo Security Reporter: GLSAMaker/CVETool Bot <glsamaker>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Severity: minor CC: graphics+disabled
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: B4 [noglsa cve]
Package list:
Runtime testing required: ---

Description GLSAMaker/CVETool Bot gentoo-dev 2018-01-08 16:18:01 UTC
CVE-2018-5248 (
  In ImageMagick 7.0.7-17 Q16, there is a heap-based buffer over-read in
  coders/sixel.c in the ReadSIXELImage function, related to the sixel_decode

CVE-2018-5247 (
  In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadRLAImage in

CVE-2018-5246 (
  In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadPATTERNImage in

CVE-2017-18022 (
  In ImageMagick 7.0.7-12 Q16, there are memory leaks in MontageImageCommand
  in MagickWand/montage.c.
Comment 1 Thomas Deutschmann gentoo-dev Security 2018-04-21 19:18:59 UTC
This was done via bug 643560.