Ubuntu 20.04 LTS / 22.04 LTS : ImageMagick vulnerabilities (USN-6200-2)

medium Nessus Plugin ID 204796

Synopsis

The remote Ubuntu host is missing one or more security updates.

Description

The remote Ubuntu 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6200-2 advisory.

USN-6200-1 fixed vulnerabilities in ImageMagick. Unfortunately these fixes were incomplete for Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. This update fixes the problem.

Original advisory details:

It was discovered that ImageMagick incorrectly handled the -authenticate

option for password-protected PDF files. An attacker could possibly use

this issue to inject additional shell commands and perform arbitrary code

execution. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-29599)

It was discovered that ImageMagick incorrectly handled certain values

when processing PDF files. If a user or automated system using ImageMagick

were tricked into opening a specially crafted PDF file, an attacker could

exploit this to cause a denial of service. This issue only affected Ubuntu

20.04 LTS. (CVE-2021-20224)

Zhang Xiaohui discovered that ImageMagick incorrectly handled certain

values when processing image data. If a user or automated system using

ImageMagick were tricked into opening a specially crafted image, an

attacker could exploit this to cause a denial of service. This issue only

affected Ubuntu 20.04 LTS. (CVE-2021-20241, CVE-2021-20243)

It was discovered that ImageMagick incorrectly handled certain values

when processing visual effects based image files. By tricking a user into

opening a specially crafted image file, an attacker could crash the

application causing a denial of service. This issue only affected Ubuntu

20.04 LTS. (CVE-2021-20244, CVE-2021-20309)

It was discovered that ImageMagick incorrectly handled certain values

when performing resampling operations. By tricking a user into opening

a specially crafted image file, an attacker could crash the application

causing a denial of service. This issue only affected Ubuntu 20.04 LTS.

(CVE-2021-20246)

It was discovered that ImageMagick incorrectly handled certain values

when processing thumbnail image data. By tricking a user into opening

a specially crafted image file, an attacker could crash the application

causing a denial of service. This issue only affected Ubuntu 20.04 LTS.

(CVE-2021-20312)

It was discovered that ImageMagick incorrectly handled memory cleanup

when performing certain cryptographic operations. Under certain conditions

sensitive cryptographic information could be disclosed. This issue only

affected Ubuntu 20.04 LTS. (CVE-2021-20313)

It was discovered that ImageMagick did not use the correct rights when

specifically excluded by a module policy. An attacker could use this issue

to read and write certain restricted files. This issue only affected Ubuntu

20.04 LTS. (CVE-2021-39212)

It was discovered that ImageMagick incorrectly handled memory under certain

circumstances. If a user were tricked into opening a specially crafted

image file, an attacker could possibly exploit this issue to cause a denial

of service or other unspecified impact. This issue only affected Ubuntu

20.04 LTS. (CVE-2022-28463, CVE-2022-32545, CVE-2022-32546, CVE-2022-32547)

It was discovered that ImageMagick incorrectly handled memory under certain

circumstances. If a user were tricked into opening a specially crafted

image file, an attacker could possibly exploit this issue to cause a denial

of service or other unspecified impact. This issue only affected Ubuntu

22.04 LTS, Ubuntu 22.10, and Ubuntu 23.04. (CVE-2021-3610, CVE-2023-1906,

CVE-2023-3428)

It was discovered that ImageMagick incorrectly handled certain values

when processing specially crafted SVG files. By tricking a user into

opening a specially crafted SVG file, an attacker could crash the

application causing a denial of service. This issue only affected Ubuntu

20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 22.10, and Ubuntu 23.04. (CVE-2023-1289)

It was discovered that ImageMagick incorrectly handled memory under certain

circumstances. If a user were tricked into opening a specially crafted

tiff file, an attacker could possibly exploit this issue to cause a denial

of service or other unspecified impact. This issue only affected Ubuntu

22.04 LTS, Ubuntu 22.10, and Ubuntu 23.04. (CVE-2023-3195)

It was discovered that ImageMagick incorrectly handled memory under certain

circumstances. If a user were tricked into opening a specially crafted

image file, an attacker could possibly exploit this issue to cause a denial

of service or other unspecified impact. (CVE-2023-34151)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://ubuntu.com/security/notices/USN-6200-2

Plugin Details

Severity: Medium

ID: 204796

File Name: ubuntu_USN-6200-2.nasl

Version: 1.2

Type: local

Agent: unix

Published: 7/26/2024

Updated: 8/28/2024

Supported Sensors: Agentless Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Medium

Base Score: 4.9

Temporal Score: 3.8

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS Score Source: CVE-2023-34151

CVSS v3

Risk Factor: Medium

Base Score: 5.5

Temporal Score: 5

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:canonical:ubuntu_linux:libmagick%2b%2b-6.q16-8, cpe:/o:canonical:ubuntu_linux:20.04:-:lts, p-cpe:/a:canonical:ubuntu_linux:libmagick%2b%2b-dev, p-cpe:/a:canonical:ubuntu_linux:imagemagick, p-cpe:/a:canonical:ubuntu_linux:libmagickwand-6.q16hdri-6, p-cpe:/a:canonical:ubuntu_linux:libmagickcore-6.q16-6, p-cpe:/a:canonical:ubuntu_linux:libmagick%2b%2b-6.q16-dev, p-cpe:/a:canonical:ubuntu_linux:imagemagick-common, p-cpe:/a:canonical:ubuntu_linux:imagemagick-6-common, p-cpe:/a:canonical:ubuntu_linux:libmagick%2b%2b-6-headers, p-cpe:/a:canonical:ubuntu_linux:libimage-magick-perl, p-cpe:/a:canonical:ubuntu_linux:libmagickcore-6-arch-config, p-cpe:/a:canonical:ubuntu_linux:libmagick%2b%2b-6.q16hdri-dev, p-cpe:/a:canonical:ubuntu_linux:libmagickwand-6.q16-dev, p-cpe:/a:canonical:ubuntu_linux:imagemagick-6.q16hdri, p-cpe:/a:canonical:ubuntu_linux:libmagickcore-6.q16-dev, p-cpe:/a:canonical:ubuntu_linux:libimage-magick-q16hdri-perl, p-cpe:/a:canonical:ubuntu_linux:libmagickcore-6.q16hdri-6-extra, p-cpe:/a:canonical:ubuntu_linux:libmagickcore-dev, p-cpe:/a:canonical:ubuntu_linux:libmagick%2b%2b-6.q16hdri-8, p-cpe:/a:canonical:ubuntu_linux:libmagickwand-dev, p-cpe:/a:canonical:ubuntu_linux:imagemagick-6.q16, p-cpe:/a:canonical:ubuntu_linux:libmagickwand-6.q16-6, p-cpe:/a:canonical:ubuntu_linux:libmagickcore-6.q16hdri-dev, p-cpe:/a:canonical:ubuntu_linux:libmagickcore-6.q16hdri-6, p-cpe:/a:canonical:ubuntu_linux:libmagickcore-6-headers, p-cpe:/a:canonical:ubuntu_linux:libmagickwand-6.q16hdri-dev, p-cpe:/a:canonical:ubuntu_linux:libmagickcore-6.q16-6-extra, cpe:/o:canonical:ubuntu_linux:22.04:-:lts, p-cpe:/a:canonical:ubuntu_linux:perlmagick, p-cpe:/a:canonical:ubuntu_linux:libimage-magick-q16-perl, p-cpe:/a:canonical:ubuntu_linux:libmagickwand-6-headers

Required KB Items: Host/cpu, Host/Ubuntu, Host/Ubuntu/release, Host/Debian/dpkg-l

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 7/25/2024

Vulnerability Publication Date: 3/23/2023

Reference Information

CVE: CVE-2023-1289, CVE-2023-34151

IAVB: 2023-B-0020-S, 2023-B-0038-S

USN: 6200-2