Ubuntu update for graphicsmagick



Risk: High
Patch available: YES
Number of vulnerabilities: 7
CVE-ID: CVE-2018-20184, CVE-2018-20189, CVE-2018-5685, CVE-2018-9018, CVE-2019-11006, CVE-2020-12672, CVE-2022-1270
CWE-ID: CWE-122, CWE-20, CWE-835, CWE-369, CWE-125, CWE-119
Exploitation vector: Network
Public exploit: N/A
Vulnerable software:
Ubuntu - Operating systems & Components / Operating system
libgraphicsmagick3 (Ubuntu package) - Operating systems & Components / Operating system package or component
graphicsmagick (Ubuntu package) - Operating systems & Components / Operating system package or component
libgraphicsmagick-q16-3 (Ubuntu package) - Operating systems & Components / Operating system package or component

Vendor: Canonical Ltd.

Security Bulletin

This security bulletin contains information about 7 vulnerabilities.

1) Heap-based buffer overflow

EUVDB-ID: #VU16586

Risk: Low

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2018-20184

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause a DoS condition on the target system.

The vulnerability exists due to a heap-based buffer overflow in the WriteTGAImage function of tga.c when processing malicious input. A remote attacker can cause the service to crash via a crafted image file, because the number of rows or columns can exceed the pixel-dimension restrictions of the TGA specification.
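The TGA header stores width and height in 16-bit fields, so a writer has to reject larger images instead of truncating them. The sketch below is an added illustration of that class of check; it is not GraphicsMagick's code or its patch, and the function names are hypothetical.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* The TGA header stores width and height as 16-bit little-endian fields,
   so neither dimension can exceed 65535. */
#define TGA_MAX_DIM 65535UL
#define TGA_HEADER_SIZE 18

/* Returns 1 when both dimensions fit the header fields, 0 otherwise. */
int tga_dimensions_ok(unsigned long columns, unsigned long rows)
{
    return columns >= 1 && rows >= 1 &&
           columns <= TGA_MAX_DIM && rows <= TGA_MAX_DIM;
}

/* What an unchecked narrowing cast would store in the header: the value
   wraps modulo 65536 and no longer matches the pixel data being written. */
uint16_t tga_truncated_dim(unsigned long dim)
{
    return (uint16_t)(dim & 0xFFFFUL);
}

/* Fills an 18-byte uncompressed true-colour TGA header (image type 2).
   Returns 0 on success, -1 if the image cannot be represented as TGA. */
int tga_build_header(unsigned char out[TGA_HEADER_SIZE],
                     unsigned long columns, unsigned long rows,
                     unsigned char bits_per_pixel)
{
    if (!tga_dimensions_ok(columns, rows))
        return -1;                      /* refuse instead of truncating */
    if (bits_per_pixel != 24 && bits_per_pixel != 32)
        return -1;
    memset(out, 0, TGA_HEADER_SIZE);
    out[2]  = 2;                        /* image type: uncompressed true-colour */
    out[12] = (unsigned char)(columns & 0xFF);   /* width, low byte  */
    out[13] = (unsigned char)(columns >> 8);     /* width, high byte */
    out[14] = (unsigned char)(rows & 0xFF);      /* height, low byte  */
    out[15] = (unsigned char)(rows >> 8);        /* height, high byte */
    out[16] = bits_per_pixel;
    return 0;
}
```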

Mitigation

Update the affected package graphicsmagick to the latest version.

Vulnerable software versions

Ubuntu: 14.04 - 20.04

libgraphicsmagick3 (Ubuntu package): before Ubuntu Pro

graphicsmagick (Ubuntu package): before Ubuntu Pro

libgraphicsmagick-q16-3 (Ubuntu package): before Ubuntu Pro

External links

https://ubuntu.com/security/notices/USN-5974-1

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Improper input validation

EUVDB-ID: #VU16585

Risk: Low

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2018-20189

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause a DoS condition on the target system.

The vulnerability exists due to an error in the ReadDIBImage function of coders/dib.c when processing malicious input in the DIB reader. A remote attacker can cause the service to crash via a DIB file that is crafted to appear to have both direct pixel values and colormapping (which is not available beyond 8 bits/sample), and that therefore lacks initialization of the indexes.

Mitigation

Update the affected package graphicsmagick to the latest version.

Vulnerable software versions

Ubuntu: 14.04 - 20.04

libgraphicsmagick3 (Ubuntu package): before Ubuntu Pro

graphicsmagick (Ubuntu package): before Ubuntu Pro

libgraphicsmagick-q16-3 (Ubuntu package): before Ubuntu Pro

External links

https://ubuntu.com/security/notices/USN-5974-1

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Infinite loop

EUVDB-ID: #VU33215

Risk: Medium

CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2018-5685

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

In GraphicsMagick 1.3.27, there is an infinite loop and application hang in the ReadBMPImage function (coders/bmp.c). Remote attackers could leverage this vulnerability to cause a denial of service via an image file with a crafted bit-field mask value.

Mitigation

Update the affected package graphicsmagick to the latest version.

Vulnerable software versions

Ubuntu: 14.04 - 20.04

libgraphicsmagick3 (Ubuntu package): before Ubuntu Pro

graphicsmagick (Ubuntu package): before Ubuntu Pro

libgraphicsmagick-q16-3 (Ubuntu package): before Ubuntu Pro

External links

https://ubuntu.com/security/notices/USN-5974-1

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Divide-by-zero error

EUVDB-ID: #VU12644

Risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2018-9018

CWE-ID: CWE-369 - Divide By Zero

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause a DoS condition on the target system.

The weakness exists in the ReadMNGImage function of coders/png.c due to a divide-by-zero error. A remote attacker can trick the victim into opening a specially crafted MNG file and cause the service to crash.

Mitigation

Update the affected package graphicsmagick to the latest version.

Vulnerable software versions

Ubuntu: 14.04 - 20.04

libgraphicsmagick3 (Ubuntu package): before Ubuntu Pro

graphicsmagick (Ubuntu package): before Ubuntu Pro

libgraphicsmagick-q16-3 (Ubuntu package): before Ubuntu Pro

External links

https://ubuntu.com/security/notices/USN-5974-1

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Out-of-bounds read

EUVDB-ID: #VU18364

Risk: Low

CVSSv4.0: 0.5 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2019-11006

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a heap-based buffer over-read in the ReadMIFFImage function of coders/miff.c in the MIFF reader, which allows attackers to cause a denial of service or information disclosure via an RLE packet. A remote attacker can perform a denial of service attack.

Mitigation

Update the affected package graphicsmagick to the latest version.

Vulnerable software versions

Ubuntu: 14.04 - 20.04

libgraphicsmagick3 (Ubuntu package): before Ubuntu Pro

graphicsmagick (Ubuntu package): before Ubuntu Pro

libgraphicsmagick-q16-3 (Ubuntu package): before Ubuntu Pro

External links

https://ubuntu.com/security/notices/USN-5974-1

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Heap-based buffer overflow

EUVDB-ID: #VU27562

Risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2020-12672

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the ReadMNGImage function in coders/png.c. A remote attacker can trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.

Mitigation

Update the affected package graphicsmagick to the latest version.

Vulnerable software versions

Ubuntu: 14.04 - 20.04

libgraphicsmagick3 (Ubuntu package): before Ubuntu Pro

graphicsmagick (Ubuntu package): before Ubuntu Pro

libgraphicsmagick-q16-3 (Ubuntu package): before Ubuntu Pro

External links

https://ubuntu.com/security/notices/USN-5974-1

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Buffer overflow

EUVDB-ID: #VU63947

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2022-1270

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing MIFF files. A remote attacker can create a specially crafted MIFF file, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Mitigation

Update the affected package graphicsmagick to the latest version.

Vulnerable software versions

Ubuntu: 14.04 - 20.04

libgraphicsmagick3 (Ubuntu package): before Ubuntu Pro

graphicsmagick (Ubuntu package): before Ubuntu Pro

libgraphicsmagick-q16-3 (Ubuntu package): before Ubuntu Pro

External links

https://ubuntu.com/security/notices/USN-5974-1

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


