Advisories ยป MGASA-2023-0161

Updated imagemagick packages fix security vulnerability

Publication date: 06 May 2023
Modification date: 06 May 2023
Type: security
Affected Mageia releases : 8
CVE: CVE-2023-1906

Description

A heap-based buffer overflow issue was discovered in ImageMagick's
ImportMultiSpectralQuantum() function in MagickCore/quantum-import.c. An
attacker could pass specially crafted file to convert, triggering an
out-of-bounds read error, allowing an application to crash, resulting in a
denial of service. (CVE-2023-1906)
                

References

SRPMS

8/tainted

8/core