SB2017080407 - Multiple vulnerabilities in ImageMagick

Description

This security bulletin contains information about 4 secuirty vulnerabilities.

1) Resource exhaustion (CVE-ID: CVE-2017-14137)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

ReadWEBPImage in coders/webp.c in ImageMagick 7.0.6-5 has an issue where memory allocation is excessive because it depends only on a length field in a header.

2) Memory leak (CVE-ID: CVE-2017-13060)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the function ReadMATImage in coders/mat.c. A remote attacker can perform a denial of service attack via a a crafted file.

3) Input validation error (CVE-ID: CVE-2017-13061)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

In ImageMagick 7.0.6-5, a length-validation vulnerability was found in the function ReadPSDLayersInternal in coders/psd.c, which allows attackers to cause a denial of service (ReadPSDImage memory exhaustion) via a crafted file.

4) Input validation error (CVE-ID: CVE-2017-12418)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

ImageMagick 7.0.6-5 has memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c, related to the WriteImage function in MagickCore/constitute.c.

Remediation

Install update from vendor's website.

References

• https://github.com/ImageMagick/ImageMagick/issues/641
• https://security.gentoo.org/glsa/201711-07
• http://www.securityfocus.com/bid/100469
• https://github.com/ImageMagick/ImageMagick/issues/644
• https://usn.ubuntu.com/3681-1/
• http://www.securityfocus.com/bid/100481
• https://github.com/ImageMagick/ImageMagick/issues/645
• https://github.com/ImageMagick/ImageMagick/issues/643