http://hg.code.sf.net/p/graphicsmagick/code/rev/3bbf7a13643d

100556

https://blogs.gentoo.org/ago/2017/08/28/graphicsmagick-memory-allocation-failure-in-magickrealloc-memory-c-2/

USN-4206-1

It was discovered that GraphicsMagick incorrectly handled certain image files. An attacker could possibly use this issue to cause a denial of service. (CVE-2017-10794, CVE-2017-10799, CVE-2017-11102, CVE-2017-11140, CVE-2017-11403, CVE-2017-11636, CVE-2017-11637, CVE-2017-13147, CVE-2017-14042, CVE-2017-6335).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

This update for ImageMagick fixes several issues. These security issues were fixed :

  - CVE-2017-14343: Fixed a memory leak vulnerability in     ReadXCFImage in coders/xcf.c via a crafted xcf image     file (bsc#1058422).

  - CVE-2017-12691: The ReadOneLayer function in     coders/xcf.c allowed remote attackers to cause a denial     of service (memory consumption) via a crafted file     (bsc#1058422).

  - CVE-2017-14042: Prevent memory allocation failure in the     ReadPNMImage function in coders/pnm.c. The vulnerability     caused a big memory allocation, which may have lead to     remote denial of service in the MagickRealloc function     in magick/memory.c (bsc#1056550).

  - CVE-2017-15281: ReadPSDImage in coders/psd.c allowed     remote attackers to cause a denial of service     (application crash) or possibly have unspecified other     impact via a crafted file (bsc#1063049).

  - CVE-2017-13061: A length-validation vulnerability in the     function ReadPSDLayersInternal in coders/psd.c allowed     attackers to cause a denial of service (ReadPSDImage     memory exhaustion) via a crafted file (bsc#1055063).

  - CVE-2017-12563: A memory exhaustion vulnerability in the     function ReadPSDImage in coders/psd.c allowed attackers     to cause a denial of service (bsc#1052460).

  - CVE-2017-14174: coders/psd.c allowed for DoS in     ReadPSDLayersInternal() due to lack of an EOF (End of     File) check might have caused huge CPU consumption. When     a crafted PSD file, which claims a large 'length' field     in the header but did not contain sufficient backing     data, is provided, the loop over 'length' would consume     huge CPU resources, since there is no EOF check inside     the loop (bsc#1057723).

  - CVE-2017-13062: A memory leak vulnerability in the     function formatIPTC in coders/meta.c allowed attackers     to cause a denial of service (WriteMETAImage memory     consumption) via a crafted file (bsc#1055053).

  - CVE-2017-15277: ReadGIFImage in coders/gif.c left the     palette uninitialized when processing a GIF file that     has neither a global nor local palette. If this     functionality was used as a library loaded into a     process that operates on interesting data, this data     sometimes could have been leaked via the uninitialized     palette (bsc#1063050).

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

This update for ImageMagick fixes the following issues :

  - security update (xcf.c) :

  - CVE-2017-14343: Memory leak vulnerability in     ReadXCFImage could lead to denial of service via a     crafted file. CVE-2017-12691: The ReadOneLayer function     in coders/xcf.c allows remote attackers to cause a     denial of service (memory consumption) via a crafted     file. [bsc#1058422]

  - security update (pnm.c) :

  - CVE-2017-14042: A memory allocation failure was     discovered in the ReadPNMImage function in coders/pnm.c     and could lead to remote denial of service [bsc#1056550]

  - security update (psd.c) :

  - CVE-2017-15281: ReadPSDImage allows remote attackers to     cause a denial of service (application crash) or     possibly have unspecified other impact via a crafted     file [bsc#1063049]

  - CVE-2017-13061: A length-validation vulnerability was     found in the function ReadPSDLayersInternal in     coders/psd.c, which allows attackers to cause a denial     of service (ReadPSDImage memory exhaustion) via a     crafted file. [bsc#1055063]

  - CVE-2017-12563: A Memory exhaustion vulnerability was     found in the function ReadPSDImage in coders/psd.c,     which allows attackers to cause a denial of service.
    [bsc#1052460]

  - CVE-2017-14174: Due to a lack of an EOF check (End of     File) in ReadPSDLayersInternal could cause huge CPU     consumption, when a crafted PSD file, which claims a     large 'length' field in the header but does not contain     sufficient backing data, is provided, the loop over     \'length\' would consume huge CPU resources, since there     is no EOF check inside the loop.[bsc#1057723]

  - security update (meta.c) :

  - CVE-2017-13062: Amemory leak vulnerability was found in     the function formatIPTC in coders/meta.c, which allows     attackers to cause a denial of service (WriteMETAImage     memory consumption) via a crafted file [bsc#1055053]

  - security update (gif.c) :

  - CVE-2017-15277: ReadGIFImage in coders/gif.c leaves the     palette uninitialized when processing a GIF file that     has neither a global nor local palette. If the affected     product is used as a library loaded into a process that     operates on interesting data, this data sometimes can be     leaked via the uninitialized palette.[bsc#1063050]

This update was imported from the SUSE:SLE-12:Update update project.

This update for ImageMagick fixes the following issues :

  - security update (xcf.c) :

  - CVE-2017-14343: Memory leak vulnerability in     ReadXCFImage could lead to denial of service via a     crafted file. CVE-2017-12691: The ReadOneLayer function     in coders/xcf.c allows remote attackers to cause a     denial of service (memory consumption) via a crafted     file. [bsc#1058422]

  - security update (pnm.c) :

  - CVE-2017-14042: A memory allocation failure was     discovered in the ReadPNMImage function in coders/pnm.c     and could lead to remote denial of service [bsc#1056550]

  - security update (psd.c) :

  - CVE-2017-15281: ReadPSDImage allows remote attackers to     cause a denial of service (application crash) or     possibly have unspecified other impact via a crafted     file [bsc#1063049]

  - CVE-2017-13061: A length-validation vulnerability was     found in the function ReadPSDLayersInternal in     coders/psd.c, which allows attackers to cause a denial     of service (ReadPSDImage memory exhaustion) via a     crafted file. [bsc#1055063]

  - CVE-2017-12563: A Memory exhaustion vulnerability was     found in the function ReadPSDImage in coders/psd.c,     which allows attackers to cause a denial of service.
    [bsc#1052460]

  - CVE-2017-14174: Due to a lack of an EOF check (End of     File) in ReadPSDLayersInternal could cause huge CPU     consumption, when a crafted PSD file, which claims a     large 'length' field in the header but does not contain     sufficient backing data, is provided, the loop over     \'length\' would consume huge CPU resources, since there     is no EOF check inside the loop.[bsc#1057723]

  - security update (meta.c) :

  - CVE-2017-13062: Amemory leak vulnerability was found in     the function formatIPTC in coders/meta.c, which allows     attackers to cause a denial of service (WriteMETAImage     memory consumption) via a crafted file [bsc#1055053]

  - security update (gif.c) :

  - CVE-2017-15277: ReadGIFImage in coders/gif.c leaves the     palette uninitialized when processing a GIF file that     has neither a global nor local palette. If the affected     product is used as a library loaded into a process that     operates on interesting data, this data sometimes can be     leaked via the uninitialized palette.[bsc#1063050]

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

This update for GraphicsMagick fixes the following issues :

  - CVE-2017-14042: Denial of service through a large memory     allocation via specially crafted PNM images     (boo#1056550)

  - CVE-2017-14504: NULL pointer dereference via specially     crafted PNM images (boo#1059721)

  - CVE-2017-17498: Denial of service or unspecified other     impact through a heap-based buffer overflow via     specially crafted PNM images (boo#1072103)

  - CVE-2017-15277: Information leak from the application     into palette data via specially crafted GIF images     (boo#1063050)

ID	Name	Product	Family	Severity
131695	Ubuntu 16.04 LTS : graphicsmagick vulnerabilities (USN-4206-1)	Nessus	Ubuntu Local Security Checks	high
105719	SUSE SLES11 Security Update : ImageMagick (SUSE-SU-2018:0043-1)	Nessus	SuSE Local Security Checks	high
105640	openSUSE Security Update : ImageMagick (openSUSE-2018-7)	Nessus	SuSE Local Security Checks	high
105579	SUSE SLED12 / SLES12 Security Update : ImageMagick (SUSE-SU-2018:0017-1)	Nessus	SuSE Local Security Checks	high
105342	openSUSE Security Update : GraphicsMagick (openSUSE-2017-1386)	Nessus	SuSE Local Security Checks	medium

CVE-2017-14042

Description

References

Details

Risk Information

CVSS v2.0

CVSS v3.0

Vulnerable Software

Configuration 1

Tenable Plugins