From $URL: Heap-based buffer overflow in the ReadSFWImage function in coders/sfw.c in ImageMagick 7.0.6-8 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file.
In observing the month old conversations found @ https://github.com/ImageMagick/ImageMagick/issues/588 it's not obvious if there is a fix already committed. @maintainer(s): please verify and test any patches available here: https://github.com/ImageMagick/ImageMagick Thank you. Daj'Uan (mbailey_j) Gentoo Security Scout
Upstream Patch: https://github.com/ImageMagick/ImageMagick/commit/5304ae14655a67b9a3db00563fe44d9abd6de4f0 @maintainer(s), please test and then follow procedure to close one report. Thank You. Daj'Uan (mbailey_j) Gentoo Security Scout
CVE Details:https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-12983
Upstream Status: https://github.com/ImageMagick/ImageMagick/issues?page=6&q=label%3Abug+is%3Aclosed
Fixed in Gentoo via https://github.com/gentoo/gentoo/commit/c1a4d3964144758b282be963b36aaddcef3a4db8#diff-c3da9b5318c1a67d6927fb8032d46fe5
This issue was resolved and addressed in GLSA 201711-07 at https://security.gentoo.org/glsa/201711-07 by GLSA coordinator Aaron Bauman (b-man).
