openSUSE-SU-2016:3233

openSUSE-SU-2017:0023

openSUSE-SU-2016:3238

[oss-security] 20161020 imagemagick: memory allocation failure in AcquireMagickMemory (memory.c) (incomplete fix for CVE-2016-8862)

[oss-security] 20161021 Re: imagemagick: memory allocation failure in AcquireMagickMemory (memory.c) (incomplete fix for CVE-2016-8862)

https://blogs.gentoo.org/ago/2016/10/20/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c-incomplete-fix-for-cve-2016-8862/

https://bugzilla.redhat.com/show_bug.cgi?id=1388816

https://github.com/ImageMagick/ImageMagick/issues/271

This update for ImageMagick fixes the following issues :

  - CVE-2016-9556 Possible Heap-overflow found by fuzzing     [bsc#1011130]

  - CVE-2016-9559 Possible NULL pointer access found by     fuzzing [bsc#1011136]

  - CVE-2016-8707 Possible code execution in Tiff conver     utility [bsc#1014159]

  - CVE-2016-8866 Memory allocation failure in     AcquireMagickMemory could lead to Heap overflow     [bsc#1009318]

  - CVE-2016-9559 Possible NULL pointer access found by     fuzzing [bsc#1011136]

This update was imported from the SUSE:SLE-12:Update update project.

This update for ImageMagick fixes the following issues :

  - CVE-2016-9556 Possible Heap-overflow found by fuzzing     [bsc#1011130]

  - CVE-2016-9559 Possible NULL pointer access found by     fuzzing [bsc#1011136]

  - CVE-2016-8707 Possible code execution in Tiff conver     utility [bsc#1014159]

  - CVE-2016-8866 Memory allocation failure in     AcquireMagickMemory could lead to Heap overflow     [bsc#1009318]

  - CVE-2016-9559 Possible NULL pointer access found by     fuzzing [bsc#1011136]

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

This update for ImageMagick fixes the following issues :

  - CVE-2016-9556: Possible Heap-overflow found by fuzzing     [bsc#1011130]

  - CVE-2016-9559: Possible NULL pointer access found by     fuzzing [bsc#1011136]

  - CVE-2016-8707: Possible code execution in the tiff     deflate convert code [bsc#1014159]

  - CVE-2016-9773: Possible Heap overflow in IsPixelGray     [bsc#1013376]

  - CVE-2016-8866: Possible memory allocation failure in     AcquireMagickMemory [bsc#1009318]

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

This security update for ImageMagick fixes the following issues :

  - a maliciously crafted compressed TIFF image could cause     code remote code execution in the convert utility in     particular circumstances (CVE-2016-8707, boo#1014159)

  - a memory allocation failure was fixed (CVE-2016-8866,     boo#1009318, follow up on CVE-2016-8862)

  - the identify utility could crash on maliciously crafted     images (CVE-2016-9773, boo#1013376, follow up on     CVE-2016-9556)

This security update for GraphicsMagick fixes the following issues :

  - a memory allocation failure was fixed (CVE-2016-8866,     boo#1009318)

  - maliciously crafted jng files could crash the identify     utility (CVE-2016-9830, boo#1013640)

Numerous vulnerabilities were discovered in ImageMagick, an image manipulation program. Issues include memory exception, heap, buffer and stack overflows, out of bound reads and missing checks.

For Debian 7 'Wheezy', these problems have been fixed in version 8:6.7.7.10-5+deb7u10.

The exact impact of the vulnerabilities is unknown, as they were mostly discovered through fuzzing. We still recommend that you upgrade your imagemagick packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Multiple sources report :

CVE-2016-9298: heap overflow in WaveletDenoiseImage(), fixed in ImageMagick7-7.0.3.6, discovered 2016-10-31

CVE-2016-8866: memory allocation failure in AcquireMagickMemory (incomplete previous fix for CVE-2016-8862), not fixed yet with the release of this announcement, re-discovered 2016-10-13.

CVE-2016-8862: memory allocation failure in AcquireMagickMemory, initially partially fixed in ImageMagick7-7.0.3.3, discovered 2016-09-14.

ID	Name	Product	Family	Severity
135519	EulerOS 2.0 SP3 : ImageMagick (EulerOS-SA-2020-1390)	Nessus	Huawei Local Security Checks	high
131846	EulerOS 2.0 SP2 : ImageMagick (EulerOS-SA-2019-2354)	Nessus	Huawei Local Security Checks	high
96296	openSUSE Security Update : ImageMagick (openSUSE-2017-14)	Nessus	SuSE Local Security Checks	medium
96139	SUSE SLED12 / SLES12 Security Update : ImageMagick (SUSE-SU-2016:3258-1)	Nessus	SuSE Local Security Checks	medium
96138	SUSE SLES11 Security Update : ImageMagick (SUSE-SU-2016:3256-1)	Nessus	SuSE Local Security Checks	medium
96133	openSUSE Security Update : ImageMagick (openSUSE-2016-1512)	Nessus	SuSE Local Security Checks	medium
96132	openSUSE Security Update : GraphicsMagick (openSUSE-2016-1511)	Nessus	SuSE Local Security Checks	medium
96051	Debian DLA-756-1 : imagemagick security update	Nessus	Debian Local Security Checks	medium
95514	FreeBSD : ImageMagick7 -- multiple vulnerabilities (e1f67063-aab4-11e6-b2d3-60a44ce6887b)	Nessus	FreeBSD Local Security Checks	medium

CVE-2016-8866

MEDIUM

Description

References

Details

Risk Information

CVSS v2.0

CVSS v3.0

Vulnerable Software

Configuration 1

Configuration 2

Tenable Plugins

high

high

medium

medium

medium

medium

medium

medium

medium