The AcquireCacheNexus function in magick/pixel_cache.c in GraphicsMagick before 1.3.28 allows remote attackers to cause a denial of service (heap overwrite) or possibly have unspecified other impact via a crafted image file, because a pixel staging area is not used.

New bug and security fix release, see http://www.graphicsmagick.org/NEWS.html#june-15-2019

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

http://www.graphicsmagick.org/NEWS.html#june-15-2019

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Several vulnerabilities have been discovered in GraphicsMagick, a set of command-line applications to manipulate image files, which could result in denial of service or the execution of arbitrary code if malformed image files are processed.

Various vulnerabilities were discovered in graphicsmagick, a collection of image processing tools and associated libraries, resulting in denial of service, information disclosure, and a variety of buffer overflows and overreads.

For Debian 8 'Jessie', these problems have been fixed in version 1.3.20-3+deb8u4.

We recommend that you upgrade your graphicsmagick packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

This update for GraphicsMagick fixes the following issues :

  - security update (core)

  - CVE-2018-6799: The AcquireCacheNexus function in     magick/pixel_cache.c in GraphicsMagick before 1.3.28     allows remote attackers to cause a denial of service     (heap overwrite) or possibly have unspecified other     impact via a crafted image file, because a pixel staging     area is not used. [boo#1080522]

  - security update (png.c)

  - CVE-2018-9018: In GraphicsMagick 1.3.28, there is a     divide-by-zero in the ReadMNGImage function of     coders/png.c. Remote attackers could leverage this     vulnerability to cause a crash and denial of service via     a crafted mng file. [boo#1086773]

  - security update (gif.c)

  - CVE-2017-18254: An issue was discovered in ImageMagick     7.0.7. A memory leak vulnerability was found in the     function WriteGIFImage in coders/gif.c, which allow     remote attackers to cause a denial of service via a     crafted file. [boo#1087027]

  - security update (pcd.c)

  - CVE-2017-18251: An issue was discovered in ImageMagick     7.0.7. A memory leak vulnerability was found in the     function ReadPCDImage in coders/pcd.c, which allow     remote attackers to cause a denial of service via a     crafted file. [boo#1087037]

  - CVE-2017-18229: An issue was discovered in     GraphicsMagick 1.3.26. An allocation failure     vulnerability was found in the function ReadTIFFImage in     coders/tiff.c, which allows attackers to cause a denial     of service via a crafted file, because file size is not     properly used to restrict scanline, strip, and tile     allocations. [boo#1085236]

  - CVE-2017-11641: GraphicsMagick 1.3.26 has a Memory Leak     in the PersistCache function in magick/pixel_cache.c     during writing of Magick Persistent Cache (MPC)     files.[boo#1050623]

  - CVE-2017-13066: GraphicsMagick 1.3.26 has a memory leak     vulnerability in the function CloneImage in     magick/image.c. [boo#1055010]

  - CVE-2018-10177: Specially crafted PNG images may have     triggered an infinite loop [bsc#1089781]

A denial of service vulnerability has been discovered in graphicsmagick, a collection of image processing tools and associated libraries.

A specially crafted file can be used to produce a denial of service (heap overwrite) or possible other unspecified impact by exploiting a defect related to unused pixel staging area in the AcquireCacheNexus function in magick/pixel_cache.c.

For Debian 7 'Wheezy', these problems have been fixed in version 1.3.16-1.1+deb7u18.

We recommend that you upgrade your graphicsmagick packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

ID	Name	Product	Family	Severity
126361	Fedora 30 : GraphicsMagick (2019-da4c20882c)	Nessus	Fedora Local Security Checks	high
126356	Fedora 29 : GraphicsMagick (2019-425a1aa7c9)	Nessus	Fedora Local Security Checks	high
118179	Debian DSA-4321-1 : graphicsmagick - security update	Nessus	Debian Local Security Checks	critical
111520	Debian DLA-1456-1 : graphicsmagick security update	Nessus	Debian Local Security Checks	critical
109521	openSUSE Security Update : GraphicsMagick (openSUSE-2018-407)	Nessus	SuSE Local Security Checks	critical
106809	Debian DLA-1282-1 : graphicsmagick security update	Nessus	Debian Local Security Checks	high

Detections

Analytics

CVE-2018-6799

high

Tenable Plugins

high

high

critical

critical

critical

high