{ "schema_version": "1.6.2", "id": "MGASA-2022-0446", "published": "2022-12-06T23:32:48Z", "modified": "2022-12-06T22:23:31Z", "summary": "Updated imagemagick packages fix security vulnerability", "details": "A vulnerability was found in ImageMagick-7.0.11-5, where executing a\ncrafted file with the convert command, ASAN detects memory leaks.\n(CVE-2021-3574)\n\nA flaw was found in ImageMagick. The vulnerability occurs due to improper\nuse of open functions and leads to a denial of service. This flaw allows\nan attacker to crash the system. (CVE-2021-4219)\n\nAn integer overflow issue was discovered in ImageMagick's\nExportIndexQuantum() function in MagickCore/quantum-export.c. Function\ncalls to GetPixelIndex() could result in values outside the range of\nrepresentable for the 'unsigned char'. When ImageMagick processes a\ncrafted pdf file, this could lead to an undefined behaviour or a crash.\n(CVE-2021-20224)\n\nA flaw was found in ImageMagick in versions before 7.0.11 and before\n6.9.12, where a division by zero in WaveImage() of\nMagickCore/visual-effects.c may trigger undefined behavior via a crafted\nimage file submitted to an application using ImageMagick. The highest\nthreat from this vulnerability is to system availability. (CVE-2021-20309)\n\nA flaw was found in ImageMagick in versions before 7.0.11, where a\ndivision by zero in sRGBTransformImage() in the MagickCore/colorspace.c\nmay trigger undefined behavior via a crafted image file that is submitted\nby an attacker processed by an application using ImageMagick. The highest\nthreat from this vulnerability is to system availability. (CVE-2021-20311)\n\nA flaw was found in ImageMagick in versions 7.0.11, where an integer\noverflow in WriteTHUMBNAILImage of coders/thumbnail.c may trigger\nundefined behavior via a crafted image file that is submitted by an\nattacker and processed by an application using ImageMagick. The highest\nthreat from this vulnerability is to system availability. (CVE-2021-20312)\n\nA flaw was found in ImageMagick in versions before 7.0.11. A potential\ncipher leak when the calculate signatures in TransformSignature is\npossible. The highest threat from this vulnerability is to data\nconfidentiality. (CVE-2021-20313)\n\nA heap-based-buffer-over-read flaw was found in ImageMagick's\nGetPixelAlpha() function of 'pixel-accessor.h'. This vulnerability is\ntriggered when an attacker passes a specially crafted Tagged Image File\nFormat (TIFF) image to convert it into a PICON file format. This issue can\npotentially lead to a denial of service and information disclosure.\n(CVE-2022-0284)\n\nA heap-use-after-free flaw was found in ImageMagick's RelinquishDCMInfo()\nfunction of dcm.c file. This vulnerability is triggered when an attacker\npasses a specially crafted DICOM image file to ImageMagick for conversion,\npotentially leading to information disclosure and a denial of service.\n(CVE-2022-1114)\n\nIn GraphicsMagick, a heap buffer overflow was found when parsing MIFF.\n(CVE-2022-1270)\n\nIn ImageMagick, a crafted file could trigger an assertion failure when a\ncall to WriteImages was made in MagickWand/operation.c, due to a NULL\nimage list. This could potentially cause a denial of service. This was\nfixed in upstream ImageMagick version 7.1.0-30. (CVE-2022-2719)\n\nA heap buffer overflow issue was found in ImageMagick. When an application\nprocesses a malformed TIFF file, it could lead to undefined behavior or a\ncrash causing a denial of service. (CVE-2022-3213)\n\nImageMagick 7.1.0-27 is vulnerable to Buffer Overflow. (CVE-2022-28463)\n\nA vulnerability was found in ImageMagick, causing an outside the range of\nrepresentable values of type 'unsigned char' at coders/psd.c, when crafted\nor untrusted input is processed. This leads to a negative impact to\napplication availability or other problems related to undefined behavior.\n(CVE-2022-32545)\n\nA vulnerability was found in ImageMagick, causing an outside the range of\nrepresentable values of type 'unsigned long' at coders/pcl.c, when crafted\nor untrusted input is processed. This leads to a negative impact to\napplication availability or other problems related to undefined behavior.\n(CVE-2022-32546)\n\nIn ImageMagick, there is load of misaligned address for type 'double',\nwhich requires 8 byte alignment and for type 'float', which requires 4\nbyte alignment at MagickCore/property.c. Whenever crafted or untrusted\ninput is processed by ImageMagick, this causes a negative impact to\napplication availability or other problems related to undefined behavior.\n(CVE-2022-32547)\n", "related": [ "CVE-2021-3574", "CVE-2021-4219", "CVE-2021-20224", "CVE-2021-20309", "CVE-2021-20311", "CVE-2021-20312", "CVE-2021-20313", "CVE-2022-0284", "CVE-2022-1114", "CVE-2022-1270", "CVE-2022-2719", "CVE-2022-3213", "CVE-2022-28463", "CVE-2022-32545", "CVE-2022-32546", "CVE-2022-32547" ], "references": [ { "type": "ADVISORY", "url": "https://advisories.mageia.org/MGASA-2022-0446.html" }, { "type": "REPORT", "url": "https://bugs.mageia.org/show_bug.cgi?id=29054" }, { "type": "REPORT", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QPPJFFJWUIW3K6NB472QVFG522DWQZET/" }, { "type": "REPORT", "url": "https://ubuntu.com/security/notices/USN-5158-1" }, { "type": "REPORT", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZUE6OO6UE5NEQ2LYEJSEB2AXREVWZVMB/" }, { "type": "REPORT", "url": "https://www.debian.org/lts/security/2022/dla-3007" }, { "type": "REPORT", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/U4SLHXE2O3IXMI4KAK7QSBITGXIK6OW2/" }, { "type": "REPORT", "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-May/011200.html" }, { "type": "REPORT", "url": "https://ubuntu.com/security/notices/USN-5456-1" }, { "type": "REPORT", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/FYRR2QY5S3HG4B4EAPF6BVV54BZQPUX5/" }, { "type": "REPORT", "url": "https://ubuntu.com/security/notices/USN-5534-1" }, { "type": "REPORT", "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-September/012065.html" }, { "type": "REPORT", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DQYFWVB5WL5D7BG6DWWI7RKZDHYKRQR6/" }, { "type": "REPORT", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/LNVDNM4ZEIYPT3SLZHPYN7OG4CZLEXZJ/" }, { "type": "REPORT", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/T6VPXZJUL64MXAMQ4JA6V6TYNOXDC6SQ/" }, { "type": "REPORT", "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/65CCSW6TK2CGQU6OYUEHQBBH6OSPKUJP/" }, { "type": "REPORT", "url": "https://ubuntu.com/security/notices/USN-5736-1" } ], "affected": [ { "package": { "ecosystem": "Mageia:8", "name": "imagemagick", "purl": "pkg:rpm/mageia/imagemagick?arch=source&distro=mageia-8" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "0" }, { "fixed": "7.1.0.52-1.1.mga8" } ] } ], "ecosystem_specific": { "section": "core" } }, { "package": { "ecosystem": "Mageia:8", "name": "abydos", "purl": "pkg:rpm/mageia/abydos?arch=source&distro=mageia-8" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "0" }, { "fixed": "0.2.3-4.2.mga8" } ] } ], "ecosystem_specific": { "section": "core" } }, { "package": { "ecosystem": "Mageia:8", "name": "converseen", "purl": "pkg:rpm/mageia/converseen?arch=source&distro=mageia-8" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "0" }, { "fixed": "0.9.8.1-4.2.mga8" } ] } ], "ecosystem_specific": { "section": "core" } }, { "package": { "ecosystem": "Mageia:8", "name": "digikam", "purl": "pkg:rpm/mageia/digikam?arch=source&distro=mageia-8" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "0" }, { "fixed": "7.1.0-4.2.mga8" } ] } ], "ecosystem_specific": { "section": "core" } }, { "package": { "ecosystem": "Mageia:8", "name": "libopenshot", "purl": "pkg:rpm/mageia/libopenshot?arch=source&distro=mageia-8" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "0" }, { "fixed": "0.2.5-5.2.mga8" } ] } ], "ecosystem_specific": { "section": "core" } }, { "package": { "ecosystem": "Mageia:8", "name": "php-imagick", "purl": "pkg:rpm/mageia/php-imagick?arch=source&distro=mageia-8" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "0" }, { "fixed": "3.4.5-0.git20201230.2.2.mga8" } ] } ], "ecosystem_specific": { "section": "core" } }, { "package": { "ecosystem": "Mageia:8", "name": "synfig", "purl": "pkg:rpm/mageia/synfig?arch=source&distro=mageia-8" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "0" }, { "fixed": "1.2.2-11.2.mga8" } ] } ], "ecosystem_specific": { "section": "core" } }, { "package": { "ecosystem": "Mageia:8", "name": "windowmaker", "purl": "pkg:rpm/mageia/windowmaker?arch=source&distro=mageia-8" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "0" }, { "fixed": "0.95.9-3.2.mga8" } ] } ], "ecosystem_specific": { "section": "core" } }, { "package": { "ecosystem": "Mageia:8", "name": "xine-lib1.2", "purl": "pkg:rpm/mageia/xine-lib1.2?arch=source&distro=mageia-8" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "0" }, { "fixed": "1.2.11-1.2.mga8" } ] } ], "ecosystem_specific": { "section": "core" } }, { "package": { "ecosystem": "Mageia:8", "name": "zbar", "purl": "pkg:rpm/mageia/zbar?arch=source&distro=mageia-8" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "0" }, { "fixed": "0.23.1-5.2.mga8" } ] } ], "ecosystem_specific": { "section": "core" } }, { "package": { "ecosystem": "Mageia:8", "name": "imagemagick", "purl": "pkg:rpm/mageia/imagemagick?arch=source&distro=mageia-8" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "0" }, { "fixed": "7.1.0.52-1.1.mga8.tainted" } ] } ], "ecosystem_specific": { "section": "tainted" } }, { "package": { "ecosystem": "Mageia:8", "name": "abydos", "purl": "pkg:rpm/mageia/abydos?arch=source&distro=mageia-8" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "0" }, { "fixed": "0.2.3-4.2.mga8.tainted" } ] } ], "ecosystem_specific": { "section": "tainted" } }, { "package": { "ecosystem": "Mageia:8", "name": "transcode", "purl": "pkg:rpm/mageia/transcode?arch=source&distro=mageia-8" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "0" }, { "fixed": "1.1.7-29.2.mga8.tainted" } ] } ], "ecosystem_specific": { "section": "tainted" } }, { "package": { "ecosystem": "Mageia:8", "name": "xine-lib1.2", "purl": "pkg:rpm/mageia/xine-lib1.2?arch=source&distro=mageia-8" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "0" }, { "fixed": "1.2.11-1.2.mga8.tainted" } ] } ], "ecosystem_specific": { "section": "tainted" } } ], "credits": [ { "name": "Mageia", "type": "COORDINATOR", "contact": [ "https://wiki.mageia.org/en/Packages_Security_Team" ] } ] }