Project

General

Profile

Bug #8096

Bug #8094: graphicsmagick: Multiple vulnerabilities (CVE-2017-14314, CVE-2017-14504, CVE-2017-14733, CVE-2017-14994 CVE-2017-14997, CVE-2017-15930)

[3.6] graphicsmagick: Multiple vulnerabilities (CVE-2017-14314, CVE-2017-14504, CVE-2017-14733, CVE-2017-14994 CVE-2017-14997, CVE-2017-15930)

Added by Alicha CH 6 months ago. Updated 4 months ago.

Status:
Closed
Priority:
Normal
Category:
Security
Target version:
Start date:
11/02/2017
Due date:
% Done:

100%

Estimated time:
Affected versions:

Description

CVE-2017-14314: Off-by-one error in the DrawImage function in magick/render.c in GraphicsMagick 1.3.26 allows remote
attackers to cause a denial of service (DrawDashPolygon heap-based buffer over-read and application crash) via a crafted file.

References:

https://nvd.nist.gov/vuln/detail/CVE-2017-14314

Patch:

http://hg.code.sf.net/p/graphicsmagick/code/rev/2835184bfb78

CVE-2017-14504: ReadPNMImage in coders/pnm.c in GraphicsMagick 1.3.26 does not ensure the correct number
of colors for the XV 332 format, leading to a NULL Pointer Dereference.

References:

https://nvd.nist.gov/vuln/detail/CVE-2017-14504

Patch:

http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=fb09ca6dd22c

CVE-2017-14733:ReadRLEImage in coders/rle.c in GraphicsMagick 1.3.26 mishandles RLE headers that specify
too few colors, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.

References:

https://nvd.nist.gov/vuln/detail/CVE-2017-14733

Patch:

http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=5381c71724e3

CVE-2017-14994: ReadDCMImage in coders/dcm.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (NULL pointer
dereference) via a crafted DICOM image, related to the ability of DCM_ReadNonNativeImages to yield an image list with zero frames.

References:

https://nvd.nist.gov/vuln/detail/CVE-2017-14994

Patch:

http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=b3eca3eaa264

CVE-2017-14997: GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (excessive memory allocation) because of an integer
underflow in ReadPICTImage in coders/pict.c.

References:

https://nvd.nist.gov/vuln/detail/CVE-2017-14997

Patch:

http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=0683f8724200

CVE-2017-15930: In ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26, a Null Pointer Dereference occurs while transferring JPEG
scanlines, related to a PixelPacket pointer.

References:

https://nvd.nist.gov/vuln/detail/CVE-2017-15930

Patch:

http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=6fc54b6d2be8
http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=da135eaedc3b

Associated revisions

Revision e49e0636 (diff)
Added by Francesco Colista 4 months ago

community/graphicsmagick: security upgrade to 1.3.27.

- Fixes #8096
- Fixes #7944 (last CVE was not fixed since the patch did not apply)

History

#1 Updated by Francesco Colista 4 months ago

  • Status changed from New to Resolved
  • % Done changed from 0 to 100

#2 Updated by Francesco Colista 4 months ago

  • Category set to Security
  • Status changed from Resolved to Closed

Also available in: Atom PDF