Bug 1212234 (CVE-2023-34475)

Summary: VUL-0: CVE-2023-34475: GraphicsMagick,ImageMagick: heap use-after-free issue in ReplaceXmpValue
Product: [Novell Products] SUSE Security Incidents Reporter: Gianluca Gabrielli <gianluca.gabrielli>
Component: IncidentsAssignee: Security Team bot <security-team>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P3 - Medium CC: security-team
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/369045/
Whiteboard:
Found By: Security Response Team Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Gianluca Gabrielli 2023-06-12 12:06:07 UTC 
A heap use after free issue was discovered in ImageMagick's ReplaceXmpValue() function in MagickCore/profile.c. An attacker could pass specially crafted file to convert, triggering an heap-use-after-free write error, allowing an application to crash, resulting in a denial of service.

https://github.com/ImageMagick/ImageMagick/commit/1061db7f80fdc9ef572ac60b55f408f7bab6e1b0

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-34475
https://bugzilla.redhat.com/show_bug.cgi?id=2214149
Comment 1 Gianluca Gabrielli 2023-06-12 12:06:53 UTC 
Only Factory is affected.
Comment 2 Petr Gajdos 2023-06-15 09:11:17 UTC 
Thanks.

According to upstream change log it was fixed in 7.1.1-10, which is already in Factory. I will submit rpm change log additional note.
https://github.com/ImageMagick/Website/blob/main/ChangeLog.md#711-10---2023-05-21
Comment 3 Petr Gajdos 2023-06-15 10:03:25 UTC 
Submitted for Factory.

I believe all fixed.
Comment 4 OBSbugzilla Bot 2023-06-15 10:35:02 UTC 
This is an autogenerated message for OBS integration:
This bug (1212234) was mentioned in
https://build.opensuse.org/request/show/1093259 Factory / ImageMagick