SB2018063002 - OpenSUSE Linux update for ImageMagick

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2018063002

SB2018063002 - OpenSUSE Linux update for ImageMagick

Published: June 30, 2018

Security Bulletin ID SB2018063002
Severity
High
Patch available
YES
Number of vulnerabilities 8
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 13% Low 88%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 8 secuirty vulnerabilities.


1) Heap-based buffer over-read (CVE-ID: CVE-2017-10928)

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The weakness exists in the GetNextToken function in token.c due to heap-based buffer over-read. A remote attacker can trick the victim into opening a specially crafted SVG document and gain access to potentially sensitive information.

2) Heap-based buffer overflow (CVE-ID: CVE-2017-13758)

The vulnerability allows a remote attacker can execute arbitrary code on the target system.

The weakness exists due to heap-based buffer overflow in TracePoint() in 'MagickCore/draw.c' when handling malicious content. A remote attacker can send a specially crafted file, trick the victim into loading it, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability may result in system compromise.

3) Infinite loop (CVE-ID: CVE-2017-18271)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to infinite loop in the function ReadMIFFImage in coders/miff.c. A remote attacker can submit a specially crafted MIFF image file, trigger CPU exhaustion and cause the service to crash.


4) Memory leak (CVE-ID: CVE-2018-10804)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within WriteTIFFImage in coders/tiff.c. A remote attacker can perform a denial of service attack.


5) Memory leak (CVE-ID: CVE-2018-10805)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within ReadYCBCRImage in coders/ycbcr.c. A remote attacker can perform a denial of service attack.


6) Buffer over-read (CVE-ID: CVE-2018-11251)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to heap-based buffer over-read in ReadSUNImage in coders/sun.c, which allows attackers to cause a denial of service (application crash in SetGrayscaleImage in MagickCore/quantize.c) via a specially crafted SUN image file. A remote attacker can perform a denial of service attack.


7) Memory leak (CVE-ID: CVE-2018-11655)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the function GetImagePixelCache in MagickCore/cache.c. A remote attacker can perform a denial of service attack via a specially crafted CALS image file.


8) Resource management error (CVE-ID: CVE-2018-9133)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due resource management error in the DecodeLabImage and EncodeLabImage functions in coders/tiff.c file. A remote attacker can perform a denial of service attack via a crafted tiff file.


Remediation

Install update from vendor's website.

References