Heap-based buffer overflow in ImageMagick

#VU68076 Heap-based buffer overflow in ImageMagick

Published: 2022-10-10

Vulnerability identifier: #VU68076

Vulnerability risk: Medium

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-1115

CWE-ID: CWE-122

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
ImageMagick
Client/Desktop applications / Multimedia software

Vendor:

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error within the PushShortPixel() function in quantum-private.h when processing TIFF images. A remote attacker can pass specially crafted TIFF image to the application, trigger a heap-based buffer overflow and perform a denial of service (DoS) attack.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

External links
http://github.com/ImageMagick/ImageMagick/issues/4974
http://access.redhat.com/security/cve/CVE-2022-1115
http://github.com/ImageMagick/ImageMagick/commit/c8718305f120293d8bf13724f12eed885d830b09
http://github.com/ImageMagick/ImageMagick6/commit/1f860f52bd8d58737ad883072203391096b30b51
http://bugzilla.redhat.com/show_bug.cgi?id=2067022

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Denial of service in ImageMagick

openEuler update for ImageMagick