https://github.com/ImageMagick/ImageMagick/issues/793

This update for ImageMagick fixes the following issues :

  - CVE-2017-14325: In ImageMagick, a memory leak     vulnerability was found in the function     PersistPixelCache in magick/cache.c, which allowed     attackers to cause a denial of service (memory     consumption in ReadMPCImage in coders/mpc.c) via a     crafted file. [bsc#1058635]

  - CVE-2017-17887: In ImageMagick, a memory leak     vulnerability was found in the function     GetImagePixelCache in magick/cache.c, which allowed     attackers to cause a denial of service via a crafted MNG     image file that is processed by ReadOneMNGImage.
    [bsc#1074117]

  - CVE-2017-18250: A NULL pointer dereference vulnerability     was found in the function LogOpenCLBuildFailure in     MagickCore/opencl.c, which could lead to a denial of     service via a crafted file. [bsc#1087039]

  - CVE-2017-18251: A memory leak vulnerability was found in     the function ReadPCDImage in coders/pcd.c, which could     lead to a denial of service via a crafted file.
    [bsc#1087037]

  - CVE-2017-18252: The MogrifyImageList function in     MagickWand/mogrify.c could allow attackers to cause a     denial of service via a crafted file. [bsc#1087033]

  - CVE-2017-18254: A memory leak vulnerability was found in     the function WriteGIFImage in coders/gif.c, which could     lead to denial of service via a crafted file.
    [bsc#1087027]

  - CVE-2018-8960: The ReadTIFFImage function in     coders/tiff.c in ImageMagick did not properly restrict     memory allocation, leading to a heap-based buffer     over-read. [bsc#1086782]

  - CVE-2018-9018: divide-by-zero in the ReadMNGImage     function of coders/png.c. Attackers could leverage this     vulnerability to cause a crash and denial of service via     a crafted mng file. [bsc#1086773]

  - CVE-2018-9135: heap-based buffer over-read in     IsWEBPImageLossless in coders/webp.c could lead to     denial of service. [bsc#1087825]

  - CVE-2018-10177: In ImageMagick, there was an infinite     loop in the ReadOneMNGImage function of the coders/png.c     file. Remote attackers could leverage this vulnerability     to cause a denial of service via a crafted mng file.
    [bsc#1089781]

  - CVE-2017-10928: a heap-based buffer over-read in the     GetNextToken function in token.c could allow attackers     to obtain sensitive information from process memory or     possibly have unspecified other impact via a crafted SVG     document that is mishandled in the     GetUserSpaceCoordinateValue function in coders/svg.c.
    [bsc#1047356]

This update was imported from the SUSE:SLE-12:Update update project.

This update for ImageMagick fixes the following issues :

  - CVE-2017-14325: In ImageMagick, a memory leak     vulnerability was found in the function     PersistPixelCache in magick/cache.c, which allowed     attackers to cause a denial of service (memory     consumption in ReadMPCImage in coders/mpc.c) via a     crafted file. [bsc#1058635]

  - CVE-2017-17887: In ImageMagick, a memory leak     vulnerability was found in the function     GetImagePixelCache in magick/cache.c, which allowed     attackers to cause a denial of service via a crafted MNG     image file that is processed by ReadOneMNGImage.
    [bsc#1074117]

  - CVE-2017-18250: A NULL pointer dereference vulnerability     was found in the function LogOpenCLBuildFailure in     MagickCore/opencl.c, which could lead to a denial of     service via a crafted file. [bsc#1087039]

  - CVE-2017-18251: A memory leak vulnerability was found in     the function ReadPCDImage in coders/pcd.c, which could     lead to a denial of service via a crafted file.
    [bsc#1087037]

  - CVE-2017-18252: The MogrifyImageList function in     MagickWand/mogrify.c could allow attackers to cause a     denial of service via a crafted file. [bsc#1087033]

  - CVE-2017-18254: A memory leak vulnerability was found in     the function WriteGIFImage in coders/gif.c, which could     lead to denial of service via a crafted file.
    [bsc#1087027]

  - CVE-2018-8960: The ReadTIFFImage function in     coders/tiff.c in ImageMagick did not properly restrict     memory allocation, leading to a heap-based buffer     over-read. [bsc#1086782]

  - CVE-2018-9018: divide-by-zero in the ReadMNGImage     function of coders/png.c. Attackers could leverage this     vulnerability to cause a crash and denial of service via     a crafted mng file. [bsc#1086773]

  - CVE-2018-9135: heap-based buffer over-read in     IsWEBPImageLossless in coders/webp.c could lead to     denial of service. [bsc#1087825]

  - CVE-2018-10177: In ImageMagick, there was an infinite     loop in the ReadOneMNGImage function of the coders/png.c     file. Remote attackers could leverage this vulnerability     to cause a denial of service via a crafted mng file.
    [bsc#1089781]

  - CVE-2017-10928: a heap-based buffer over-read in the     GetNextToken function in token.c could allow attackers     to obtain sensitive information from process memory or     possibly have unspecified other impact via a crafted SVG     document that is mishandled in the     GetUserSpaceCoordinateValue function in coders/svg.c.
    [bsc#1047356]

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

ID	Name	Product	Family	Severity
109715	openSUSE Security Update : ImageMagick (openSUSE-2018-442)	Nessus	SuSE Local Security Checks	high
109673	SUSE SLED12 / SLES12 Security Update : ImageMagick (SUSE-SU-2018:1178-1)	Nessus	SuSE Local Security Checks	high

CVE-2017-18250

medium

New! CVE Severity Now Using CVSS v3

Description

References

Details

Risk Information

CVSS v2

CVSS v3

Vulnerable Software

Configuration 1

Tenable Plugins

high

high