Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 628642 (CVE-2017-13066) - <media-gfx/graphicsmagick-1.3.27: denial of service vulnerability in magick/image.c. (CVE-2017-13066)
Summary: <media-gfx/graphicsmagick-1.3.27: denial of service vulnerability in magick/i...
Status: RESOLVED FIXED
Alias: CVE-2017-13066
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL: https://sourceforge.net/p/graphicsmag...
Whiteboard: B3 [noglsa cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2017-08-22 19:12 UTC by D'juan McDonald (domhnall)
Modified: 2018-03-26 01:39 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description D'juan McDonald (domhnall) 2017-08-22 19:12:30 UTC
On GraphicsMagick 1.3.26 2017-07-04 Q8
A memory leak vulnerability was found in function CloneImage in magick/image.c,which allow attackers to cause a denial of service via a crafted file.
#./gm identify $FILE
=================================================================
==39635==ERROR: detected memory leaks

Indirect leak of 6856 byte(s) in 1 object(s) allocated from:
    #0 0x4e96f6 in __interceptor_malloc /home/test/Downloads/llvm-clang/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cc:66
    #1 0x6e22e1 in CloneImage /home/test/Downloads/GraphicsMagick-1.3.26/magick/image.c:941:15
    #2 0x63f90d in ReadImage /home/test/Downloads/GraphicsMagick-1.3.26/magick/constitute.c:1607:13
    #3 0x63ed64 in PingImage /home/test/Downloads/GraphicsMagick-1.3.26/magick/constitute.c:1370:9
    #4 0x5b0232 in MagickCommand /home/test/Downloads/GraphicsMagick-1.3.26/magick/command.c:8869:17
    #5 0x5f621e in GMCommandSingle /home/test/Downloads/GraphicsMagick-1.3.26/magick/command.c:17396:10
    #6 0x5f4aab in GMCommand /home/test/Downloads/GraphicsMagick-1.3.26/magick/command.c:17449:16
    #7 0x7fed6998cb34 in __libc_start_main /usr/src/debug/glibc-2.17-c758a686/csu/../csu/libc-start.c:274

Indirect leak of 4224 byte(s) in 1 object(s) allocated from:
    #0 0x4ea255 in posix_memalign /home/test/Downloads/llvm-clang/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cc:142
    #1 0x71147b in MagickMallocAligned /home/test/Downloads/GraphicsMagick-1.3.26/magick/memory.c:217:7
    #2 0x769a32 in GetCacheInfo /home/test/Downloads/GraphicsMagick-1.3.26/magick/pixel_cache.c:1986:14

Indirect leak of 128 byte(s) in 1 object(s) allocated from:
    #0 0x4e96f6 in __interceptor_malloc /home/test/Downloads/llvm-clang/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cc:66
    #1 0xef94c0 in CloneBlobInfo /home/test/Downloads/GraphicsMagick-1.3.26/magick/blob.c:808:14
    #2 0x63f90d in ReadImage /home/test/Downloads/GraphicsMagick-1.3.26/magick/constitute.c:1607:13
    #3 0x63ed64 in PingImage /home/test/Downloads/GraphicsMagick-1.3.26/magick/constitute.c:1370:9
    #4 0x5b0232 in MagickCommand /home/test/Downloads/GraphicsMagick-1.3.26/magick/command.c:8869:17
    #5 0x5f621e in GMCommandSingle /home/test/Downloads/GraphicsMagick-1.3.26/magick/command.c:17396:10
    #6 0x5f4aab in GMCommand /home/test/Downloads/GraphicsMagick-1.3.26/magick/command.c:17449:16
    #7 0x7fed6998cb34 in __libc_start_main /usr/src/debug/glibc-2.17-c758a686/csu/../csu/libc-start.c:274

Indirect leak of 128 byte(s) in 1 object(s) allocated from:
    #0 0x4ea255 in posix_memalign /home/test/Downloads/llvm-clang/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cc:142
    #1 0x71147b in MagickMallocAligned /home/test/Downloads/GraphicsMagick-1.3.26/magick/memory.c:217:7
    #2 0x7637f7 in AllocateCacheNexus /home/test/Downloads/GraphicsMagick-1.3.26/magick/pixel_cache.c:2507:14
    #3 0x7637f7 in OpenCacheView /home/test/Downloads/GraphicsMagick-1.3.26/magick/pixel_cache.c:3332

Indirect leak of 64 byte(s) in 1 object(s) allocated from:
    #0 0x4ea255 in posix_memalign /home/test/Downloads/llvm-clang/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cc:142
    #1 0x71147b in MagickMallocAligned /home/test/Downloads/GraphicsMagick-1.3.26/magick/memory.c:217:7
    #2 0x7637cd in OpenCacheView /home/test/Downloads/GraphicsMagick-1.3.26/magick/pixel_cache.c:3326:8

......
11784 byte(s) leaked in 11 allocation(s).


CVE Details:
Comment 1 D'juan McDonald (domhnall) 2017-08-22 19:19:43 UTC
CVE Details:https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-13066
Comment 2 D'juan McDonald (domhnall) 2017-08-23 01:13:18 UTC
From ${URL}:

Bob Friesenhahn  -   2017-08-12   
  
 
This issue was already fixed in GraphicsMagick Mercurial on August 11th.

@maintainer(s), please follow procedure to close on this report, thank you.

Daj'Uan (mbailey_j)
Gentoo Security Scout
Comment 3 Aaron Bauman Gentoo Infrastructure gentoo-dev Security 2018-03-26 00:46:21 UTC
@maintainer(s), please clean the vulnerable version from the tree.
Comment 4 Aaron Bauman Gentoo Infrastructure gentoo-dev Security 2018-03-26 01:39:59 UTC
cleanup will be tracked in bug #640690

GLSA Vote: No