Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 712036 (CVE-2020-10251) - <media-gfx/imagemagick-7.0.10.0: out-of-bounds read (CVE-2020-10251)
Summary: <media-gfx/imagemagick-7.0.10.0: out-of-bounds read (CVE-2020-10251)
Status: RESOLVED FIXED
Alias: CVE-2020-10251
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL:
Whiteboard: B3 [noglsa cve]
Keywords:
: 712038 (view as bug list)
Depends on:
Blocks:
 
Reported: 2020-03-10 07:58 UTC by filip ambroz
Modified: 2020-03-11 23:05 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description filip ambroz 2020-03-10 07:58:25 UTC
In ImageMagick 7.0.9, an out-of-bounds read vulnerability exists within the ReadHEICImageByID function in coders\heic.c. It can be triggered via an image with a width or height value that exceeds the actual size of the image.

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10251
https://nvd.nist.gov/vuln/detail/CVE-2020-10251
Comment 1 Agostino Sarubbo gentoo-dev 2020-03-10 08:03:45 UTC
*** Bug 712038 has been marked as a duplicate of this bug. ***
Comment 2 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-03-10 08:04:29 UTC
Thanks! Please set alias so it's easier to find dups.
---
Description:

Bug: https://github.com/ImageMagick/ImageMagick/issues/1859
Patch: https://github.com/ImageMagick/ImageMagick/commit/868aad754ee599eb7153b84d610f2ecdf7b339f6

Does not seem to have been included in a release yet, but patch can be applied.
Comment 3 Thomas Deutschmann gentoo-dev 2020-03-11 23:01:07 UTC
Affects v7.x and USE=heif only.
Comment 4 Larry the Git Cow gentoo-dev 2020-03-11 23:04:33 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a78339232a6abb455f581e378c1e6820cd882994

commit a78339232a6abb455f581e378c1e6820cd882994
Author:     Thomas Deutschmann <whissi@gentoo.org>
AuthorDate: 2020-03-11 23:04:15 +0000
Commit:     Thomas Deutschmann <whissi@gentoo.org>
CommitDate: 2020-03-11 23:04:25 +0000

    media-gfx/imagemagick: security cleanup (bug #712036)
    
    Bug: https://bugs.gentoo.org/712036
    Package-Manager: Portage-2.3.93, Repoman-2.3.20
    Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>

 media-gfx/imagemagick/Manifest                     |   2 -
 media-gfx/imagemagick/imagemagick-6.9.10.96.ebuild | 250 --------------------
 media-gfx/imagemagick/imagemagick-7.0.9.26.ebuild  | 262 ---------------------
 3 files changed, 514 deletions(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=342f3a1056f4fc6dd7d336a6c7e248787833045b

commit 342f3a1056f4fc6dd7d336a6c7e248787833045b
Author:     Thomas Deutschmann <whissi@gentoo.org>
AuthorDate: 2020-03-11 23:03:21 +0000
Commit:     Thomas Deutschmann <whissi@gentoo.org>
CommitDate: 2020-03-11 23:04:24 +0000

    media-gfx/imagemagick: move stable keywords (bug #712036)
    
    Bug: https://bugs.gentoo.org/712036
    Package-Manager: Portage-2.3.93, Repoman-2.3.20
    Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>

 media-gfx/imagemagick/imagemagick-6.9.11.0.ebuild | 2 +-
 media-gfx/imagemagick/imagemagick-7.0.10.0.ebuild | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
Comment 5 Thomas Deutschmann gentoo-dev 2020-03-11 23:05:44 UTC
GLSA Vote: No!

Repository is clean, all done.