#VU33215 Infinite loop in GraphicsMagick


Published: 2018-01-14 | Updated: 2020-08-03

Vulnerability identifier: #VU33215

Vulnerability risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-5685

CWE-ID: CWE-835

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
GraphicsMagick
Universal components / Libraries / Libraries used by multiple products

Vendor: GraphicsMagick Group

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

In GraphicsMagick 1.3.27, there is an infinite loop and application hang in the ReadBMPImage function (coders/bmp.c). Remote attackers could leverage this vulnerability to cause a denial of service via an image file with a crafted bit-field mask value.

Mitigation
Install update from vendor's website.

Vulnerable software versions

GraphicsMagick: 1.3.27

External links
http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/52a91ddb1aa6
http://lists.debian.org/debian-lts-announce/2018/01/msg00018.html
http://lists.debian.org/debian-lts-announce/2018/08/msg00002.html
http://sourceforge.net/p/graphicsmagick/bugs/541/
http://www.debian.org/security/2018/dsa-4321

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Ubuntu update for graphicsmagick
Infinite loop in graphicsmagick (Alpine package)
Amazon Linux AMI update for GraphicsMagick
Infinite loop in GraphicsMagick