SB2020031634 - Debian update for graphicsmagick
Published: March 16, 2020 Updated: December 27, 2022
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 16 secuirty vulnerabilities.
1) Heap-based buffer overflow (CVE-ID: CVE-2018-20184)
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists due to heap-based buffer overflow in the WriteTGAImage function of tga.c when processing malicious input. A remote attacker can cause the service to crash via a crafted image file, because the number of rows or columns can exceed the pixel-dimension restrictions of the TGA specification.
2) Heap-based buffer over-read (CVE-ID: CVE-2018-20185)
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists in GraphicsMagick installations with customized BMP limits due to heap-based buffer over-read in the ReadBMPImage function of bmp.c when processing malicious input. A remote attacker can cause the service to crash via a crafted bmp image file.
3) Improper input validation (CVE-ID: CVE-2018-20189)
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists due to an error in the ReadDIBImage function of coders/dib.c when processing malicious input in DIB reader. A remote attacker can cause the service to crash via a dib file that is crafted to appear with direct pixel values and also colormapping (which is not available beyond 8-bits/sample), and therefore lacks indexes initialization.
4) Stack-based buffer overflow (CVE-ID: CVE-2019-11005)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing a quoted font family value within the SVGStartElement() function in coders/svg.c in SVG reader. A remote unauthenticated attacker can create a specially crafted image, pass it to the affected application, trigger stack-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
5) Out-of-bounds read (CVE-ID: CVE-2019-11006)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to heap-based buffer over-read in the function ReadMIFFImage of coders/miff.c in MIFF reader, which allows attackers to cause a denial of service or information disclosure via an RLE packet. A remote attacker can perform a denial of service attack.
6) Out-of-bounds read (CVE-ID: CVE-2019-11007)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to heap-based buffer over-read in the ReadMNGImage function of coders/png.c, which allows attackers to cause a denial of service or information disclosure via an image colormap. A remote attacker can perform a denial of service attack.
7) Heap-based buffer overflow (CVE-ID: CVE-2019-11008)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the WriteXWDImage() function in coders/xwd.c. A remote attacker can create a crafted XWD file, pass it to the application, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
8) Out-of-bounds read (CVE-ID: CVE-2019-11009)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to heap-based buffer over-read in the function ReadXWDImage() in coders/xwd.c, which allows attackers to cause a denial of service or information disclosure via a crafted image file. A remote attacker can perform a denial of service attack.
9) Memory leak (CVE-ID: CVE-2019-11010)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the function ReadMPCImage in coders/mpc.c, which allows attackers to cause a denial of service via a crafted image file. A remote attacker can perform a denial of service attack.
10) Out-of-bounds read (CVE-ID: CVE-2019-11473)
The vulnerability allows a remote attacker to perform denial of service attack.
The vulnerability exists due to a boundary condition within the ReadXWDImage() function in coders/xwd.c in XWD reader. A remote attacker can create a specially crafted XWD image file, pass it to the affected application, trigger out-of-bounds read error and crash the application.
11) Incorrect calculation (CVE-ID: CVE-2019-11474)
The vulnerability allows a remote attacker to perform denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the ReadXWDImage() function in coders/xwd.c in XWD reader. A remote attacker can create a specially crafted XWD file, pass it to the application, trigger a floating-point exception and crash the affected application.
12) Heap-based buffer overflow (CVE-ID: CVE-2019-11505)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in function WritePDBImage() in coders/pdb.c. A remote attacker can create a specially crafted image file, pass it to the affected application, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
13) Heap-based buffer overflow (CVE-ID: CVE-2019-11506)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in MAT writer within the function WriteMATLABImage of coders/mat.c, related to ExportRedQuantumType in magick/export.c. A remote attacker can create a crafted image file, pass it to the affected application, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
14) Use-after-free (CVE-ID: CVE-2019-19950)
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
In GraphicsMagick 1.4 snapshot-20190403 Q8, there is a use-after-free in ThrowException and ThrowLoggedException of magick/error.c.
15) Out-of-bounds write (CVE-ID: CVE-2019-19951)
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
In GraphicsMagick 1.4 snapshot-20190423 Q8, there is a heap-based buffer overflow in the function ImportRLEPixels of coders/miff.c.
16) Out-of-bounds read (CVE-ID: CVE-2019-19953)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to heap-based buffer over-read in the function EncodeImage of coders/pict.c. A remote attacker can perform a denial of service attack.
Remediation
Install update from vendor's website.