Out-of-bounds read in imagemagick6 (Alpine package)



Risk Low
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2019-13391
CWE-ID CWE-125
Exploitation vector Network
Public exploit Public exploit code for vulnerability #1 is available.
Vulnerable software
imagemagick6 (Alpine package)
Operating systems & Components / Operating system package or component

Vendor Alpine Linux Development Team

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Out-of-bounds read

EUVDB-ID: #VU19184

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C]

CVE-ID: CVE-2019-13391

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to heap-based buffer over-read because of incorrect calls to "GetCacheViewVirtualPixels" in the "ComplexImages" function, as defined in the "MagickCore/fourier.c" file. A remote attacker can make calls on the targeted system and perform a denial of service attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

imagemagick6 (Alpine package): 6.9.10.39-r0 - 6.9.10.55-r0

CPE2.3 External links

http://git.alpinelinux.org/aports/commit/?id=a19f810872972ce57a3fd3bf4ef1f9ec5eac78bc
http://git.alpinelinux.org/aports/commit/?id=530a544685f085941dfc43575144a1aa5090a3e4
http://git.alpinelinux.org/aports/commit/?id=d46d1b3369612e10a726fb1b6658764a7ff08fc9
http://git.alpinelinux.org/aports/commit/?id=6a183d66c7dc3dca62a642c621c62bc6455f8b87
http://git.alpinelinux.org/aports/commit/?id=8a0a53d2ab69a2e8892826f9443e0ad20d53e4df
http://git.alpinelinux.org/aports/commit/?id=3cecfd2d2af53b9be6d7e3af4cc8490b54556a1f
http://git.alpinelinux.org/aports/commit/?id=4f797cc6b00076db68e8bc9f0995e8181659d243
http://git.alpinelinux.org/aports/commit/?id=e2c99a977c70ec025f2ce7b2e89c227d7fed9ed7
http://git.alpinelinux.org/aports/commit/?id=0f7ecd696d28f3be16555aca8525bf57ed8a0669


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.



###SIDEBAR###