Main Vulnerability Database SB2024090439

SB2024090439 - Ubuntu update for imagemagick

Published: September 4, 2024

Security Bulletin ID SB2024090439

Severity

High

Patch available

YES

Number of vulnerabilities 11

Exploitation vector Remote access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 11 secuirty vulnerabilities.

1) Resource management error (CVE-ID: CVE-2019-12975)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

ImageMagick 7.0.8-34 has a memory leak vulnerability in the WriteDPXImage function in coders/dpx.c.

2) Resource exhaustion (CVE-ID: CVE-2019-11470)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a lack of checks for insufficient image data in a file in the "ReadCINImage()" function, as defined in the "coders/cin.c" file. A remote attacker can send a specially crafted Cineon image with an incorrect claimed image size, trick a user into opening it, trigger resource exhaustion and perform a denial of service (DoS) attack.

3) Division by zero (CVE-ID: CVE-2019-11472)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

ReadXWDImage in coders/xwd.c in the XWD image parsing component of ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (divide-by-zero error) by crafting an XWD image file in which the header indicates neither LSB first nor MSB first.

4) Out-of-bounds read (CVE-ID: CVE-2019-11597)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file. A remote attacker can perform a denial of service attack.

5) NULL pointer dereference (CVE-ID: CVE-2019-12974)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error. A remote attacker can trigger denial of service conditions via a crafted image.

6) Improper Initialization (CVE-ID: CVE-2019-12979)

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the SyncImageSettings function in MagickCore/image.c. This is related to AcquireImage in magick/image.c.

7) Improper Initialization (CVE-ID: CVE-2019-12978)

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the ReadPANGOImage function in coders/pango.c.

8) Off-by-one (CVE-ID: CVE-2019-10131)

The vulnerability allows a remote attacker to perform denial of service attack.

The vulnerability exists due to an off-by-one read error in the formatIPTCfromBuffer function in coders/meta.c. A remote attacker can pass specially crafted image file the to affected application, trigger an off-by-one read error and perform denial of service attack.

9) Memory leak (CVE-ID: CVE-2019-12976)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the ReadPCLImage function in coders/pcl.c. A remote attacker can perform a denial of service attack.

10) Out-of-bounds read (CVE-ID: CVE-2019-10650)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to heap-based buffer over-read in the WriteTIFFImage() function in coders/tiff.c, which allows an attacker to cause a denial of service or information disclosure via a crafted image file. A remote attacker can perform a denial of service attack.

11) Out-of-bounds read (CVE-ID: CVE-2019-11598)

The vulnerability allows a remote attacker to access sensitive information or cause a denial of service (DoS) condition.

The vulnerability exists due to a boundary condition in the "WritePNMImage()" function in the "coders/pnm.c" file. A remote attacker can send a specially crafted image file (related to SetGrayscaleImage in MagickCore/quantize.c.), trick the victim into opening it, trigger out-of-bounds read error, get access to sensitive information or cause a DoS condition on the targeted system.

Remediation

Install update from vendor's website.

References

https://ubuntu.com/security/notices/USN-6985-1

Vulnerable Software

Ubuntu: 14.04
libmagick++5 (Ubuntu package): before Ubuntu Pro (Infra-only)
libmagickcore5-extra (Ubuntu package): before Ubuntu Pro (Infra-only)
libmagickwand5 (Ubuntu package): before Ubuntu Pro (Infra-only)
libmagickcore5 (Ubuntu package): before Ubuntu Pro (Infra-only)
libmagickcore-dev (Ubuntu package): before Ubuntu Pro (Infra-only)
imagemagick-common (Ubuntu package): before Ubuntu Pro (Infra-only)
imagemagick (Ubuntu package): before Ubuntu Pro (Infra-only)
perlmagick (Ubuntu package): before Ubuntu Pro (Infra-only)
libmagick++-dev (Ubuntu package): before Ubuntu Pro (Infra-only)
libmagickwand-dev (Ubuntu package): before Ubuntu Pro (Infra-only)

SB2024090439 - Ubuntu update for imagemagick

Breakdown by Severity

Description

Remediation

References

Please verify you're human