Bugzilla – Bug 1051416
VUL-2: CVE-2017-11755: GraphicsMagick, ImageMagick: WritePICONImage in coders/xpm.c allows to cause DoS
Last modified: 2019-04-23 22:40:15 UTC
Created attachment 734502 [details]
The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows
remote attackers to cause a denial of service (memory leak) via a crafted file
that is mishandled in an AcquireSemaphoreInfo call.
valgrind convert Memory-Leak-21_output_picon_1501391824.23 out.picon
Might be dup of bsc#1051412 since https://github.com/ImageMagick/ImageMagick/issues/631 indicates that it's fixed by the same commit
memleak described is sizeof(SemaphoreInfo). minor leak. deferable.
I cannot reproduce any other memory leaks than that ones listed in bug 1051412, closing as duplicate as the upstream did.
*** This bug has been marked as a duplicate of bug 1051412 ***