From ${URL}: In coders/ps.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large "extent" field in the header but does not contain sufficient backing data, is provided, the loop over "length" would consume huge CPU resources, since there is no EOF check inside the loop. Upstrea:(https://github.com/ImageMagick/ImageMagick/issues/715) Patch:https://github.com/ImageMagick/ImageMagick/commit/8598a497e2d1f556a34458cf54b40ba40674734c https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-14172 In the function ReadTXTImage() in coders/txt.c in ImageMagick 7.0.6-10, an integer overflow might occur for the addition operation "GetQuantumRange(depth)+1" when "depth" is large, producing a smaller value than expected. As a result, an infinite loop would occur for a crafted TXT file that claims a very large "max_value" value. Patch:https://github.com/ImageMagick/ImageMagick/commit/48bcf7c39302cdf9b0d9202ad03bf1b95152c44d Upstream:(https://github.com/ImageMagick/ImageMagick/issues/713) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-14173 In coders/psd.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSDLayersInternal() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large "length" field in the header but does not contain sufficient backing data, is provided, the loop over "length" would consume huge CPU resources, since there is no EOF check inside the loop. Patch: 2/2 https://github.com/ImageMagick/ImageMagick/commit/04a567494786d5bb50894fc8bb8fea0cf496bea8 https://github.com/ImageMagick/ImageMagick/commit/f68a98a9d385838a1c73ec960a14102949940a64 Upstream:(https://github.com/ImageMagick/ImageMagick/issues/714) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-14174 In coders/xbm.c in ImageMagick 7.0.6-1 Q16, a DoS in ReadXBMImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted XBM file, which claims large rows and columns fields in the header but does not contain sufficient backing data, is provided, the loop over the rows would consume huge CPU resources, since there is no EOF check inside the loop. Upstream:(https://github.com/ImageMagick/ImageMagick/issues/712) Patch:https://github.com/ImageMagick/ImageMagick/commit/b8c63b156bf26b52e710b1a0643c846a6cd01e56 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-14175 @maintainer(s), after bump, please call for stabilization if needed, thank you. Daj Uan (jmbailey/mbailey_j) Gentoo Security Padawan
@maintainer(s), further research points to multiple patches for each cve , located at upstream /issues/#.
CVE-2017-14175 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14175): In coders/xbm.c in ImageMagick 7.0.6-1 Q16, a DoS in ReadXBMImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted XBM file, which claims large rows and columns fields in the header but does not contain sufficient backing data, is provided, the loop over the rows would consume huge CPU resources, since there is no EOF check inside the loop. CVE-2017-14174 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14174): In coders/psd.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSDLayersInternal() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large "length" field in the header but does not contain sufficient backing data, is provided, the loop over "length" would consume huge CPU resources, since there is no EOF check inside the loop. CVE-2017-14173 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14173): In the function ReadTXTImage() in coders/txt.c in ImageMagick 7.0.6-10, an integer overflow might occur for the addition operation "GetQuantumRange(depth)+1" when "depth" is large, producing a smaller value than expected. As a result, an infinite loop would occur for a crafted TXT file that claims a very large "max_value" value. CVE-2017-14172 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14172): In coders/ps.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large "extent" field in the header but does not contain sufficient backing data, is provided, the loop over "length" would consume huge CPU resources, since there is no EOF check inside the loop.
Fixed in Gentoo via https://github.com/gentoo/gentoo/commit/e55c500d5efec48f8fb7aa3da8b27b9dc0b30dbf#diff-c3da9b5318c1a67d6927fb8032d46fe5
This issue was resolved and addressed in GLSA 201711-07 at https://security.gentoo.org/glsa/201711-07 by GLSA coordinator Aaron Bauman (b-man).
