Bugzilla – Full Text Bug Listing

| Summary: | VUL-1: CVE-2019-11505: GraphicsMagick,ImageMagick: heap-based buffer overflow in the function WritePDBImage of coders/pdb.c, which allows an attacker to cause a denial of service or possibly | | |
|---|---|---|---|
| Product: | [openSUSE] openSUSE Distribution | Reporter: | Marcus Meissner <meissner> |
| Component: | Other | Assignee: | Security Team bot <security-team> |
| Status: | RESOLVED FIXED | QA Contact: | Security Team bot <security-team> |
| Severity: | Minor | | |
| Priority: | P4 - Low | CC: | pgajdos |
| Version: | Leap 42.3 | | |
| Target Milestone: | --- | | |
| Hardware: | Other | | |
| OS: | Other | | |
| URL: | https://smash.suse.de/issue/230257/ | | |
| Whiteboard: | | | |
| Found By: | Security Response Team | Services Priority: | |
| Business Priority: | Blocker: | --- | |
| Marketing QA Status: | --- | IT Deployment: | --- |
| Attachments: | heap-buffer-overflow-WritePDBImage | | |

Description
Marcus Meissner
2019-04-26 08:54:42 UTC
Created attachment 803667
heap-buffer-overflow-WritePDBImage
QA REPRODUCER:
gm convert heap-buffer-overflow-WritePDBImage test.pdb
should not report heap corruption backtrace
(IM not affected I think)

BEFORE

15.0,42.3/GraphicsMagick

$ gm convert heap-buffer-overflow-WritePDBImage out.pdb
*** Error in `gm': free(): invalid pointer: 0x000055a594927f50 ***
gm convert: abort due to signal 6 (SIGABRT) "Abort"...
Aborted (core dumped)
$

12,15/ImageMagick

$ valgrind -q convert heap-buffer-overflow-WritePDBImage out.pdb
convert: improper image header `heap-buffer-overflow-WritePDBImage' @ error/miff.c/ReadMIFFImage/1119.
$

PATCH

GraphicsMagick: referenced in comment 0
ImageMagick: there is a similar commit
https://github.com/ImageMagick/ImageMagick/commit/d19acd3a822624ca35794a725c325ebe6a3e4057

AFTER

15.0,42.3/GraphicsMagick

$ gm convert heap-buffer-overflow-WritePDBImage out.pdb
gm convert: Improper image header (heap-buffer-overflow-WritePDBImage).
$

12,15/ImageMagick

$ valgrind -q convert heap-buffer-overflow-WritePDBImage out.pdb
convert: improper image header `heap-buffer-overflow-WritePDBImage' @ error/miff.c/ReadMIFFImage/1119.
$
[no change]

Will submit for 15.0,42.3/GraphicsMagick and 12,15/ImageMagick.

This is an autogenerated message for OBS integration:
This bug (1133501) was mentioned in
https://build.opensuse.org/request/show/699628 15.0 / GraphicsMagick
https://build.opensuse.org/request/show/699629 42.3 / GraphicsMagick

I believe all fixed.

openSUSE-SU-2019:1354-1: An update that fixes 6 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1132053,1132054,1133202,1133203,1133498,1133501
CVE References: CVE-2019-11008,CVE-2019-11009,CVE-2019-11473,CVE-2019-11474,CVE-2019-11505,CVE-2019-11506
Sources used:
openSUSE Leap 15.0 (src): GraphicsMagick-1.3.29-lp150.3.28.1

openSUSE-SU-2019:1355-1: An update that fixes 6 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1132053,1132054,1133202,1133203,1133498,1133501
CVE References: CVE-2019-11008,CVE-2019-11009,CVE-2019-11473,CVE-2019-11474,CVE-2019-11505,CVE-2019-11506
Sources used:
openSUSE Leap 42.3 (src): GraphicsMagick-1.3.25-135.1

SUSE-SU-2019:14043-1: An update that fixes 8 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1130330,1131317,1132053,1132060,1133204,1133205,1133498,1133501
CVE References: CVE-2019-10650,CVE-2019-11007,CVE-2019-11009,CVE-2019-11470,CVE-2019-11472,CVE-2019-11505,CVE-2019-11506,CVE-2019-9956
Sources used:
SUSE Linux Enterprise Debuginfo 11-SP4 (src): ImageMagick-6.4.3.6-78.97.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

openSUSE-SU-2019:1437-1: An update that fixes 6 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1132053,1132054,1133202,1133203,1133498,1133501
CVE References: CVE-2019-11008,CVE-2019-11009,CVE-2019-11473,CVE-2019-11474,CVE-2019-11505,CVE-2019-11506
Sources used:
openSUSE Backports SLE-15 (src): GraphicsMagick-1.3.29-bp150.2.21.1

This is an autogenerated message for OBS integration:
This bug (1133501) was mentioned in
https://build.opensuse.org/request/show/705902 15.1 / GraphicsMagick

SUSE-SU-2019:1523-1: An update that solves 5 vulnerabilities and has one errata is now available.

Category: security (moderate)
Bug References: 1133204,1133205,1133498,1133501,1136183,1136732
CVE References: CVE-2019-11470,CVE-2019-11472,CVE-2019-11505,CVE-2019-11506,CVE-2019-11598
Sources used:
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src): ImageMagick-7.0.7.34-3.61.3
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (src): ImageMagick-7.0.7.34-3.61.3
SUSE Linux Enterprise Module for Development Tools 15-SP1 (src): ImageMagick-7.0.7.34-3.61.3
SUSE Linux Enterprise Module for Development Tools 15 (src): ImageMagick-7.0.7.34-3.61.3
SUSE Linux Enterprise Module for Desktop Applications 15-SP1 (src): ImageMagick-7.0.7.34-3.61.3
SUSE Linux Enterprise Module for Desktop Applications 15 (src): ImageMagick-7.0.7.34-3.61.3

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

openSUSE-SU-2019:1603-1: An update that solves 5 vulnerabilities and has one errata is now available.

Category: security (moderate)
Bug References: 1133204,1133205,1133498,1133501,1136183,1136732
CVE References: CVE-2019-11470,CVE-2019-11472,CVE-2019-11505,CVE-2019-11506,CVE-2019-11598
Sources used:
openSUSE Leap 15.1 (src): ImageMagick-7.0.7.34-lp151.7.3.1
openSUSE Leap 15.0 (src): ImageMagick-7.0.7.34-lp150.2.32.1

(In reply to Petr Gajdos from comment #2)
> 12,15/ImageMagick
>
> $ valgrind -q convert heap-buffer-overflow-WritePDBImage out.pdb
> convert: improper image header `heap-buffer-overflow-WritePDBImage' @
> error/miff.c/ReadMIFFImage/1119.
> $
[...]
> 12,15/ImageMagick
>
> $ valgrind -q convert heap-buffer-overflow-WritePDBImage out.pdb
> convert: improper image header `heap-buffer-overflow-WritePDBImage' @
> error/miff.c/ReadMIFFImage/1119.
> $
> [no change]

QA: I hope that from above it is clear that for ImageMagick the output before and after is the same.

SUSE-SU-2019:1712-1: An update that solves 9 vulnerabilities and has two fixes is now available.

Category: security (moderate)
Bug References: 1133204,1133205,1133498,1133501,1134075,1135232,1135236,1136183,1136732,1138425,1138464
CVE References: CVE-2017-12805,CVE-2017-12806,CVE-2019-10131,CVE-2019-11470,CVE-2019-11472,CVE-2019-11505,CVE-2019-11506,CVE-2019-11597,CVE-2019-11598
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP4 (src): ImageMagick-6.8.8.1-71.123.2
SUSE Linux Enterprise Workstation Extension 12-SP3 (src): ImageMagick-6.8.8.1-71.123.2
SUSE Linux Enterprise Software Development Kit 12-SP4 (src): ImageMagick-6.8.8.1-71.123.2
SUSE Linux Enterprise Software Development Kit 12-SP3 (src): ImageMagick-6.8.8.1-71.123.2
SUSE Linux Enterprise Server 12-SP4 (src): ImageMagick-6.8.8.1-71.123.2
SUSE Linux Enterprise Server 12-SP3 (src): ImageMagick-6.8.8.1-71.123.2
SUSE Linux Enterprise Desktop 12-SP4 (src): ImageMagick-6.8.8.1-71.123.2
SUSE Linux Enterprise Desktop 12-SP3 (src): ImageMagick-6.8.8.1-71.123.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

openSUSE-SU-2019:1683-1: An update that solves 9 vulnerabilities and has two fixes is now available.

Category: security (moderate)
Bug References: 1133204,1133205,1133498,1133501,1134075,1135232,1135236,1136183,1136732,1138425,1138464
CVE References: CVE-2017-12805,CVE-2017-12806,CVE-2019-10131,CVE-2019-11470,CVE-2019-11472,CVE-2019-11505,CVE-2019-11506,CVE-2019-11597,CVE-2019-11598
Sources used:
openSUSE Leap 42.3 (src): ImageMagick-6.8.8.1-85.1

released