CVE-2017-13736 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13736):

There are lots of memory leaks in the GMCommand function in magick/command.c in GraphicsMagick 1.3.26 that will lead to a remote denial of service attack.

References:

https://bugzilla.redhat.com/show_bug.cgi?id=1484192

CVE-2017-13737 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13737):

There is an invalid free in the MagickFree function in magick/memory.c in GraphicsMagick 1.3.26 that will lead to a remote denial of service attack.

References:

https://bugzilla.redhat.com/show_bug.cgi?id=1484196

(In reply to Aleksandr Wagner (Kivak) from comment #0)
> CVE-2017-13736
> (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13736):
>
> There are lots of memory leaks in the GMCommand function in magick/command.c
> in GraphicsMagick 1.3.26 that will lead to a remote denial of service
> attack.
>
> References:
>
> https://bugzilla.redhat.com/show_bug.cgi?id=1484192
>

Still trying to track a fix for this

> CVE-2017-13737
> (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13737):
>
> There is an invalid free in the MagickFree function in magick/memory.c in
> GraphicsMagick 1.3.26 that will lead to a remote denial of service attack.
>
> References:
>
> https://bugzilla.redhat.com/show_bug.cgi?id=1484196

Fixed in 1.3.27

(In reply to Aaron Bauman from comment #1)
> (In reply to Aleksandr Wagner (Kivak) from comment #0)
> > CVE-2017-13736
> > (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13736):
> >
> > There are lots of memory leaks in the GMCommand function in magick/command.c
> > in GraphicsMagick 1.3.26 that will lead to a remote denial of service
> > attack.
> >
> > References:
> >
> > https://bugzilla.redhat.com/show_bug.cgi?id=1484192
> >
>
> Still trying to track a fix for this

I can't reproduce on the in-tree version with -fsanitize=address using the POC linked in that Redhat bug.

(In reply to John Helmert III (ajak) from comment #2)
> (In reply to Aaron Bauman from comment #1)
> > (In reply to Aleksandr Wagner (Kivak) from comment #0)
> > > CVE-2017-13736
> > > (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13736):
> > >
> > > There are lots of memory leaks in the GMCommand function in magick/command.c
> > > in GraphicsMagick 1.3.26 that will lead to a remote denial of service
> > > attack.
> > >
> > > References:
> > >
> > > https://bugzilla.redhat.com/show_bug.cgi?id=1484192
> > >
> >
> > Still trying to track a fix for this
>
> I can't reproduce on the in-tree version with -fsanitize=address using the
> POC linked in that Redhat bug.

There have been a LOT of fuzzing fixes in GM since then. Thanks! Closing.