Main Vulnerability Database SB2019082123

SB2019082123 - OpenSUSE Linux update for ImageMagick

Published: August 21, 2019

Security Bulletin ID SB2019082123

Severity

High

Patch available

YES

Number of vulnerabilities 30

Exploitation vector Remote access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 30 secuirty vulnerabilities.

1) NULL pointer dereference (CVE-ID: CVE-2019-12974)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error. A remote attacker can trigger denial of service conditions via a crafted image.

2) Resource management error (CVE-ID: CVE-2019-12975)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

ImageMagick 7.0.8-34 has a memory leak vulnerability in the WriteDPXImage function in coders/dpx.c.

3) Memory leak (CVE-ID: CVE-2019-12976)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the ReadPCLImage function in coders/pcl.c. A remote attacker can perform a denial of service attack.

4) Improper Initialization (CVE-ID: CVE-2019-12977)

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the WriteJP2Image function in coders/jp2.c.

5) Improper Initialization (CVE-ID: CVE-2019-12978)

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the ReadPANGOImage function in coders/pango.c.

6) Improper Initialization (CVE-ID: CVE-2019-12979)

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the SyncImageSettings function in MagickCore/image.c. This is related to AcquireImage in magick/image.c.

7) Resource management error (CVE-ID: CVE-2019-13133)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak in the "ReadBMPImage" function in the "coders/bmp.c" file. A remote attacker can perform a denial of service attack.

8) Resource management error (CVE-ID: CVE-2019-13134)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak in the "ReadVIFFImage" function in the "coders/viff.c" file. A remote attacker can cause a denial of service condition on the target system.

9) Input validation error (CVE-ID: CVE-2019-13135)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to use of uninitialized value in the "ReadCUTImage" function in the "coders/cut.c" file. A remote attacker can execute arbitrary command on the target system.

10) Integer overflow (CVE-ID: CVE-2019-13136)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to integer overflow in the "TIFFSeekCustomStream" function in the "coders/tiff.c" file. A remote attacker can trigger integer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

11) Resource management error (CVE-ID: CVE-2019-13137)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak in the "ReadPSImage" function in the "coders/ps.c" file. A remote attacker can cause a denial of service condition on the target system.

12) Out-of-bounds read (CVE-ID: CVE-2019-13295)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to heap-based buffer over-read error in "AdaptiveThresholdImage" in the "MagickCore/threshold.c" file because a width of zero is mishandled. A remote attacker can trick the victim to open a specially crafted file, trigger out-of-bounds read error and crash the application.

13) Resource management error (CVE-ID: CVE-2019-13296)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak in AcquireMagickMemory due to an error in CLIListOperatorImages in the "MagickWand/operation.c" file. A remote attacker can perform a denial of service attack.

14) Out-of-bounds read (CVE-ID: CVE-2019-13297)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to heap-based buffer over-read in AdaptiveThresholdImage in the "MagickCore/threshold.c" file because a height of zero is mishandled. A remote attacker can perform a denial of service attack.

15) Heap-based buffer overflow (CVE-ID: CVE-2019-13298)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists in the "MagickCore/enhance.c" file due to a boundary error in the "MagickCore/pixel-accessor.h" in SetPixelViaPixelInfo. A remote attacker can trigger heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

16) Out-of-bounds read (CVE-ID: CVE-2019-13299)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to heap-based buffer over-read in the "MagickCore/pixel-accessor.h" in GetPixelChannel. A remote attacker can perform a denial of service attack.

17) Heap-based buffer overflow (CVE-ID: CVE-2019-13300)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the EvaluateImages in the "MagickCore/statistic.c" file because of mishandling columns. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

18) Resource management error (CVE-ID: CVE-2019-13301)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists because of a memory leak in AcquireMagickMemory due to an AnnotateImage error. A remote attacker can perform a denial of service attack.

19) Out-of-bounds read (CVE-ID: CVE-2019-13302)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to heap-based buffer over-read in ComplexImages in the "MagickCore/fourier.c" file. A remote attacker can perform a denial of service attack.

20) Out-of-bounds read (CVE-ID: CVE-2019-13303)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to heap-based buffer over-read in CompositeImage in the "MagickCore/composite.c" file. A remote attacker can perform a denial of service attack.

21) Stack-based buffer overflow (CVE-ID: CVE-2019-13304)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in WritePNMImage in the "coders/pnm.c" file because of a misplaced assignment. A remote attacker can trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

22) Stack-based buffer overflow (CVE-ID: CVE-2019-13305)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in WritePNMImage in the coders/pnm.c file because of a misplaced "strncpy" and "an off-by-one" error. A remote attacker can trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

23) Stack-based buffer overflow (CVE-ID: CVE-2019-13306)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in WritePNMImage in the "coders/pnm.c" file because of "off-by-one" errors. A remote attacker can trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

24) Heap-based buffer overflow (CVE-ID: CVE-2019-13307)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the EvaluateImages in the "MagickCore/statistic.c" file because of mishandling rows. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

25) Heap-based buffer overflow (CVE-ID: CVE-2019-13308)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the "MagickCore/fourier.c" in ComplexImage. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

26) Resource management error (CVE-ID: CVE-2019-13309)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists because of a memory leak in AcquireMagickMemory due to mishandling the NoSuchImage error in CLIListOperatorImages in the "MagickWand/operation.c" file. A remote attacker can perform a denial of service attack.

27) Resource management error (CVE-ID: CVE-2019-13310)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists because of a memory leak in AcquireMagickMemory due to an error in "MagickWand/mogrify.c" file. A remote attacker can perform a denial of service attack.

28) Resource management error (CVE-ID: CVE-2019-13311)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a memory leak in AcquireMagickMemory due to an error in the "wand/mogrify.c" file. A remote attacker can perform a denial of service attack on the target system.

29) Out-of-bounds read (CVE-ID: CVE-2019-13391)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to heap-based buffer over-read because of incorrect calls to "GetCacheViewVirtualPixels" in the "ComplexImages" function, as defined in the "MagickCore/fourier.c" file. A remote attacker can make calls on the targeted system and perform a denial of service attack.

30) Division by zero (CVE-ID: CVE-2019-13454)

The vulnerability allows a remote attacker to cause a denial of service (DoS) condition on a system.

The vulnerability exists due to a divide-by-zero condition in the "RemoveDuplicateLayers" function, as defined in the "MagickCore/layer.c" file. A remote attacker can make calls on the targeted system and cause a DoS condition.

Remediation

Install update from vendor's website.

References

https://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html

SB2019082123 - OpenSUSE Linux update for ImageMagick

Breakdown by Severity

Description

Remediation

References

Please verify you're human