Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 631556 - <media-gfx/imagemagick-6.9.4.1: Out-of-bounds read in mat.c (CVE-2016-10070)
Summary: <media-gfx/imagemagick-6.9.4.1: Out-of-bounds read in mat.c (CVE-2016-10070)
Status: RESOLVED OBSOLETE
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL:
Whiteboard: B3 [noglsa cve]
Keywords:
Depends on:
Blocks: CVE-2016-10070
  Show dependency tree
 
Reported: 2017-09-20 17:44 UTC by GLSAMaker/CVETool Bot
Modified: 2017-09-20 17:57 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description GLSAMaker/CVETool Bot gentoo-dev 2017-09-20 17:44:56 UTC 
CVE-2016-10070 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-10070):
  Heap-based buffer overflow in the CalcMinMax function in coders/mat.c in
  ImageMagick before 6.9.4-0 allows remote attackers to cause a denial of
  service (out-of-bounds read and application crash) via a crafted mat file.
Comment 1 Thomas Deutschmann (RETIRED) gentoo-dev 2017-09-20 17:57:39 UTC 
Fixed by upstream since 6.9.4.0. Landed in Gentoo via bf1360d003a494888c306a9b8ae00452861d13f9 in 6.9.4.1. Current stable version in Gentoo repository is 6.9.7.4. All done.