Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 835931 (CVE-2021-4219) - <media-gfx/imagemagick-{6.9.12.34,7.1.0.20}: denial of service via svg file opening stdin
Summary: <media-gfx/imagemagick-{6.9.12.34,7.1.0.20}: denial of service via svg file o...
Status: CONFIRMED
Alias: CVE-2021-4219
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL: https://github.com/ImageMagick/ImageM...
Whiteboard: B4 [glsa]
Keywords:
Depends on: 866431
Blocks:
  Show dependency tree
 
Reported: 2022-03-24 16:33 UTC by John Helmert III
Modified: 2024-01-31 13:20 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-03-24 16:33:09 UTC 
CVE-2021-4219:

A flaw was found in ImageMagick. The vulnerability occurs due to improper use of open functions and leads to a denial of service. This flaw allows an attacker to crash the system.
Comment 1 Michał Górny archtester Gentoo Infrastructure gentoo-dev Security 2022-03-24 18:00:19 UTC 
Oh no, now whissi will forcibly disable reading and writing SVG files forever.
Comment 2 Andreas K. Hüttel archtester gentoo-dev 2022-10-08 22:32:39 UTC 
Is stable.