SB2018101722 - OpenSUSE Linux update for ImageMagick
Published: October 17, 2018
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 9 secuirty vulnerabilities.
1) Memory leak (CVE-ID: CVE-2017-11532)
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists due to memory leak in the WriteMPCImage() function in coders/mpc.c. source code file. A remote attacker can trick the victim into opening specially crafted file in convert, trigger memory leak and cause the service to crash.
2) Buffer over-read (CVE-ID: CVE-2018-16413)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a heap-based buffer over-read in the MagickCore/quantum-private.h in PushShortPixel() function when called from the coders/psd.c ParseImageResourceBlocks() function. A remote attacker can perform a denial of service attack with a specially crafted image file.
3) Input validation error (CVE-ID: CVE-2018-16640)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
ImageMagick 7.0.8-5 has a memory leak vulnerability in the function ReadOneJNGImage in coders/png.c.
4) Heap-based buffer overflow (CVE-ID: CVE-2018-16642)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within InsertRow in coders/cut.c when processing images. A remote attacker can create a specially crafted image, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
5) Input validation error (CVE-ID: CVE-2018-16643)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The functions ReadDCMImage in coders/dcm.c, ReadPWPImage in coders/pwp.c, ReadCALSImage in coders/cals.c, and ReadPICTImage in coders/pict.c in ImageMagick 7.0.8-4 do not check the return value of the fputc function, which allows remote attackers to cause a denial of service via a crafted image file.
6) Input validation error (CVE-ID: CVE-2018-16644)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient check for length in ReadDCMImage() function in coders/dcm.c and in ReadPICTImage() function in coders/pict.c. A remote attacker can pass a specially crafted image to the affected application and trigger application crash.
7) Buffer overflow (CVE-ID: CVE-2018-16645)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in ReadBMPImage() function in coders/bmp.c and in ReadDIBImage() function in coders/dib.c. A remote attacker can create a specially crafted image, pass it to the affected application and trigger application crash due to memory allocation error.
8) Reachable Assertion (CVE-ID: CVE-2018-16749)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a missing NULL check in ReadOneJNGImage() function in coders/png.c. A remote attacker can trigger an assertion failure with a specially crafted image file and crash the vulnerable application.
9) Memory leak (CVE-ID: CVE-2018-16750)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the formatIPTCfromBuffer() function in coders/meta.c. A remote attacker can perform a denial of service attack via a specially crafted image file.
Remediation
Install update from vendor's website.