Ubuntu 16.04 ESM / 18.04 LTS : ImageMagick vulnerabilities (USN-5736-1)

high Nessus Plugin ID 168160

Synopsis

The remote Ubuntu host is missing one or more security updates.

Description

The remote Ubuntu 16.04 ESM / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5736-1 advisory.

It was discovered that ImageMagick incorrectly handled certain values when processing PDF files. If a user or automated system using ImageMagick were tricked into opening a specially crafted PDF file, an attacker could exploit this to cause a denial of service. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. (CVE-2021-20224)

Zhang Xiaohui discovered that ImageMagick incorrectly handled certain values when processing image data.
If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 22.10. (CVE-2021-20241)

Zhang Xiaohui discovered that ImageMagick incorrectly handled certain values when processing image data.
If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service. This issue only affected Ubuntu 14.04 ESM, Ubuntu 18.04 LTS and Ubuntu 22.10. (CVE-2021-20243)

It was discovered that ImageMagick incorrectly handled certain values when processing visual effects based image files. By tricking a user into opening a specially crafted image file, an attacker could crash the application causing a denial of service. This issue only affected Ubuntu 22.10. (CVE-2021-20244)

It was discovered that ImageMagick could be made to divide by zero when processing crafted files. By tricking a user into opening a specially crafted image file, an attacker could crash the application causing a denial of service. This issue only affected Ubuntu 22.10. (CVE-2021-20245)

It was discovered that ImageMagick incorrectly handled certain values when performing resampling operations. By tricking a user into opening a specially crafted image file, an attacker could crash the application causing a denial of service. This issue only affected Ubuntu 22.10. (CVE-2021-20246)

It was discovered that ImageMagick incorrectly handled certain values when processing visual effects based image files. By tricking a user into opening a specially crafted image file, an attacker could crash the application causing a denial of service. This issue only affected Ubuntu 22.10. (CVE-2021-20309)

It was discovered that ImageMagick incorrectly handled certain values when processing thumbnail image data. By tricking a user into opening a specially crafted image file, an attacker could crash the application causing a denial of service. This issue only affected Ubuntu 22.10. (CVE-2021-20312)

It was discovered that ImageMagick incorrectly handled memory cleanup when performing certain cryptographic operations. Under certain conditions sensitive cryptographic information could be disclosed.
This issue only affected Ubuntu 22.10. (CVE-2021-20313)

It was discovered that ImageMagick did not properly manage memory under certain circumstances. If a user were tricked into opening a specially crafted file using the convert command, an attacker could possibly use this issue to cause ImageMagick to crash, resulting in a denial of service. This issue only affected Ubuntu 22.10. (CVE-2021-3574)

It was discovered that ImageMagick did not use the correct rights when specifically excluded by a module policy. An attacker could use this issue to read and write certain restricted files. This issue only affected Ubuntu 22.10. (CVE-2021-39212)

It was discovered that ImageMagick incorrectly handled certain values when processing specially crafted SVG files. By tricking a user into opening a specially crafted SVG file, an attacker could crash the application causing a denial of service. This issue only affected Ubuntu 22.10. (CVE-2021-4219)

It was discovered that ImageMagick did not properly manage memory under certain circumstances. If a user were tricked into opening a specially crafted DICOM file, an attacker could possibly use this issue to cause ImageMagick to crash, resulting in a denial of servicei, or expose sensitive information. This issue only affected Ubuntu 22.10. (CVE-2022-1114)

It was discovered that ImageMagick incorrectly handled memory under certain circumstances. If a user were tricked into opening a specially crafted image file, an attacker could possibly exploit this issue to cause a denial of service or other unspecified impact. This issue only affected Ubuntu 22.10.
(CVE-2022-28463)

It was discovered that ImageMagick incorrectly handled certain values. If a user were tricked into processing a specially crafted image file, an attacker could possibly exploit this issue to cause a denial of service or other unspecified impact. This issue only affected Ubuntu 14.04 ESM, Ubuntu 18.04 LTS and Ubuntu 22.10. (CVE-2022-32545, CVE-2022-32546)

It was discovered that ImageMagick incorrectly handled memory under certain circumstances. If a user were tricked into processing a specially crafted image file, an attacker could possibly exploit this issue to cause a denial of service or other unspecified impact. This issue only affected Ubuntu 14.04 ESM, Ubuntu 18.04 LTS and Ubuntu 22.10. (CVE-2022-32547)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://ubuntu.com/security/notices/USN-5736-1

Plugin Details

Severity: High

ID: 168160

File Name: ubuntu_USN-5736-1.nasl

Version: 1.6

Type: local

Agent: unix

Published: 11/24/2022

Updated: 8/28/2024

Supported Sensors: Agentless Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2022-32547

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:canonical:ubuntu_linux:libmagick%2b%2b-dev, p-cpe:/a:canonical:ubuntu_linux:imagemagick, p-cpe:/a:canonical:ubuntu_linux:libmagickwand-6.q16hdri-3, p-cpe:/a:canonical:ubuntu_linux:libmagick%2b%2b-6.q16-dev, p-cpe:/a:canonical:ubuntu_linux:libmagickcore-6.q16-3-extra, p-cpe:/a:canonical:ubuntu_linux:imagemagick-common, p-cpe:/a:canonical:ubuntu_linux:imagemagick-6-common, p-cpe:/a:canonical:ubuntu_linux:libmagick%2b%2b-6-headers, p-cpe:/a:canonical:ubuntu_linux:libimage-magick-perl, cpe:/o:canonical:ubuntu_linux:16.04:-:esm, p-cpe:/a:canonical:ubuntu_linux:libmagickwand-6-headers, p-cpe:/a:canonical:ubuntu_linux:libmagick%2b%2b-6.q16-5v5, p-cpe:/a:canonical:ubuntu_linux:libmagickcore-6-arch-config, p-cpe:/a:canonical:ubuntu_linux:libmagick%2b%2b-6.q16hdri-7, p-cpe:/a:canonical:ubuntu_linux:libmagick%2b%2b-6.q16hdri-dev, p-cpe:/a:canonical:ubuntu_linux:libmagickwand-6.q16-dev, cpe:/o:canonical:ubuntu_linux:18.04:-:lts, p-cpe:/a:canonical:ubuntu_linux:imagemagick-6.q16hdri, p-cpe:/a:canonical:ubuntu_linux:libmagick%2b%2b-6.q16-7, p-cpe:/a:canonical:ubuntu_linux:libmagickcore5, p-cpe:/a:canonical:ubuntu_linux:libmagickwand-6.q16-2, p-cpe:/a:canonical:ubuntu_linux:libmagickcore-6.q16-dev, p-cpe:/a:canonical:ubuntu_linux:libmagickcore-6.q16hdri-3, p-cpe:/a:canonical:ubuntu_linux:libimage-magick-q16hdri-perl, p-cpe:/a:canonical:ubuntu_linux:libmagickcore-dev, p-cpe:/a:canonical:ubuntu_linux:libmagickwand5, p-cpe:/a:canonical:ubuntu_linux:libmagickwand-6.q16-3, p-cpe:/a:canonical:ubuntu_linux:libmagickwand-dev, p-cpe:/a:canonical:ubuntu_linux:imagemagick-6.q16, p-cpe:/a:canonical:ubuntu_linux:libmagickcore-6.q16hdri-dev, p-cpe:/a:canonical:ubuntu_linux:libmagickcore-6.q16-2-extra, p-cpe:/a:canonical:ubuntu_linux:libmagickcore-6.q16-3, p-cpe:/a:canonical:ubuntu_linux:libmagickcore-6-headers, p-cpe:/a:canonical:ubuntu_linux:libmagickcore-6.q16hdri-3-extra, p-cpe:/a:canonical:ubuntu_linux:libmagickcore-6.q16-2, p-cpe:/a:canonical:ubuntu_linux:libmagickcore5-extra, p-cpe:/a:canonical:ubuntu_linux:libmagickwand-6.q16hdri-dev, p-cpe:/a:canonical:ubuntu_linux:perlmagick, p-cpe:/a:canonical:ubuntu_linux:libimage-magick-q16-perl, p-cpe:/a:canonical:ubuntu_linux:libmagick%2b%2b5

Required KB Items: Host/cpu, Host/Ubuntu, Host/Ubuntu/release, Host/Debian/dpkg-l

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 11/24/2022

Vulnerability Publication Date: 3/9/2021

Reference Information

CVE: CVE-2021-20224, CVE-2021-20241, CVE-2021-20243, CVE-2021-20244, CVE-2021-20245, CVE-2021-20246, CVE-2021-20309, CVE-2021-20312, CVE-2021-20313, CVE-2021-3574, CVE-2021-39212, CVE-2021-4219, CVE-2022-1114, CVE-2022-28463, CVE-2022-32545, CVE-2022-32546, CVE-2022-32547

USN: 5736-1