In IntensityCompare() of /magick/quantize.c, there are calls to PixelPacketIntensity() which could return overflowed values to the caller when ImageMagick processes a crafted input file. To mitigate this, the patch introduces and uses the ConstrainPixelIntensity() function, which forces the pixel intensities to be within the proper bounds in the event of an overflow. This flaw affects ImageMagick versions prior to 6.9.10-69 and 7.0.8-69.
https://bugzilla.redhat.com/show_bug.cgi?id=1894231
https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html
Source: MITRE
Published: 2020-12-08
Updated: 2021-03-25
Type: CWE-190
Base Score: 4.3
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Impact Score: 2.9
Exploitability Score: 8.6
Severity: MEDIUM
Base Score: 3.3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Impact Score: 1.4
Exploitability Score: 1.8
Severity: LOW
OR
OR
ID | Name | Product | Family | Severity |
---|---|---|---|---|
148080 | Debian DLA-2602-1 : imagemagick security update | Nessus | Debian Local Security Checks | medium |
145394 | openSUSE Security Update : ImageMagick (openSUSE-2021-148) | Nessus | SuSE Local Security Checks | medium |
145363 | SUSE SLES12 Security Update : ImageMagick (SUSE-SU-2021:0199-1) | Nessus | SuSE Local Security Checks | medium |
145361 | openSUSE Security Update : ImageMagick (openSUSE-2021-136) | Nessus | SuSE Local Security Checks | medium |
145198 | SUSE SLED15 / SLES15 Security Update : ImageMagick (SUSE-SU-2021:0153-1) | Nessus | SuSE Local Security Checks | medium |
145181 | SUSE SLED15 / SLES15 Security Update : ImageMagick (SUSE-SU-2021:0156-1) | Nessus | SuSE Local Security Checks | medium |