SB2017042606 - Multiple vulnerabilities in ImageMagick
Published: April 26, 2017 Updated: June 2, 2017
Description
This security bulletin contains information about 4 security vulnerabilities.
1) Type confusion (CVE-ID: CVE-2017-7606)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack. The vulnerability exists due to a type confusion error within coders/rle.c in ImageMagick 7.0.5-4. A remote attacker can create a specially crafted file and trigger an application crash.
2) Resource exhaustion (CVE-ID: CVE-2017-7941)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to an error when processing a specially crafted file in the ReadSGIImage function in sgi.c in ImageMagick 7.0.5-4. A remote attacker can perform a denial of service (DoS) attack.
3) Resource exhaustion (CVE-ID: CVE-2017-7943)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to an error when processing a specially crafted file in the ReadSVGImage function in svg.c in ImageMagick 7.0.5-4. A remote attacker can perform a denial of service (DoS) attack.
4) Memory leak (CVE-ID: CVE-2017-7942)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack. The vulnerability exists in the ReadAVSImage() function within avs.c in ImageMagick 7.0.5-4. A remote attacker can consume available memory via a crafted file.
Remediation
Install the update from the vendor's website.