#VU68076 Heap-based buffer overflow in ImageMagick - CVE-2022-1115

Cybersecurity Help s.r.o.

Published: 2022-10-10

Vulnerability identifier: #VU68076

Vulnerability risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2022-1115

CWE-ID: CWE-122

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
ImageMagick
Client/Desktop applications / Multimedia software

Vendor: ImageMagick.org

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error within the PushShortPixel() function in quantum-private.h when processing TIFF images. A remote attacker can pass specially crafted TIFF image to the application, trigger a heap-based buffer overflow and perform a denial of service (DoS) attack.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

ImageMagick: before 6.9.12-44, 7.1.0-29, 6.9.12-44, 6.9.12-44

External links
https://github.com/ImageMagick/ImageMagick/issues/4974
https://access.redhat.com/security/cve/CVE-2022-1115
https://github.com/ImageMagick/ImageMagick/commit/c8718305f120293d8bf13724f12eed885d830b09
https://github.com/ImageMagick/ImageMagick6/commit/1f860f52bd8d58737ad883072203391096b30b51
https://bugzilla.redhat.com/show_bug.cgi?id=2067022

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Debian update for imagemagick

Gentoo update for ImageMagick

Denial of service in ImageMagick

openEuler update for ImageMagick