First Last Prev Next    This bug is not in your last search results.
Bug 1052758 - (CVE-2017-12662) VUL-1: CVE-2017-12662: GraphicsMagick, ImageMagick: Memory leak in WritePDFImage in coders/pdf.c
(CVE-2017-12662)
VUL-1: CVE-2017-12662: GraphicsMagick, ImageMagick: Memory leak in WritePDFIm...
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P4 - Low : Normal
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/189770/
CVSSv2:SUSE:CVE-2017-12662:5.0:(AV:N/...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2017-08-08 11:44 UTC by Johannes Segitz
Modified: 2018-02-09 15:44 UTC (History)
1 user (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Reproducer (11 bytes, application/octet-stream)
2017-08-08 11:44 UTC, Johannes Segitz 		Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Johannes Segitz 2017-08-08 11:44:02 UTC 
Created attachment 735694 [details]
Reproducer

CVE-2017-12662

ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePDFImage in
coders/pdf.c.

valgrind convert leak-WritePDFImage out.pdf
Memory leak for ImageMagick, on GraphicsMagick this triggers an assert

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-12662
https://github.com/ImageMagick/ImageMagick/commit/73a2bad43d157acfe360595feee739b4cc4406cb
https://github.com/ImageMagick/ImageMagick/issues/576
Comment 1 Petr Gajdos 2017-12-05 13:29:46 UTC 
BEFORE

ImageMagick:

$ valgrind -q --leak-check=full convert leak-WritePDFImage out.pdf
convert: unexpected end-of-file `leak-WritePDFImage': No such file or directory @ error/pwp.c/ReadPWPImage/258.
convert: no pixels defined in cache `out.pdf' @ error/cache.c/OpenPixelCache/3485.
convert: memory allocation failed `out.pdf' @ error/pdf.c/WritePDFImage/1846.
==19576== 16,520 bytes in 1 blocks are definitely lost in loss record 10 of 10
==19576==    at 0x4C2B41E: realloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==19576==    by 0x4F5C612: ResizeMagickMemory (memory.c:1140)
==19576==    by 0x861D5ED: ???
==19576==    by 0x4EC124C: WriteImage (constitute.c:1237)
==19576==    by 0x4EC1B31: WriteImages (constitute.c:1394)
==19576==    by 0x531B923: ConvertImageCommand (convert.c:3154)
==19576==    by 0x5385C52: MagickCommandGenesis (mogrify.c:166)
==19576==    by 0x400836: ConvertMain (convert.c:81)
==19576==    by 0x400836: main (convert.c:92)
==19576== 
$

11,42.3/GraphicsMagick:

No WriteImage() related valgrind error is reported.

HG GraphicsMagick 15281:29e6c2e69518:

$ gm convert leak-WritePDFImage output.pdf
gm: magick/blob.c:1284: EOFBlob: Assertion `image != (Image *) NULL' failed.
gm convert: abort due to signal 6 (SIGABRT) "Abort"...
Aborted (core dumped)
$

PATCH

in comment 0

Will something submit also for GraphicsMagick.

AFTER

12/ImageMagick:

$ valgrind -q --leak-check=full convert leak-WritePDFImage out.pdf
convert: unexpected end-of-file `leak-WritePDFImage': No such file or directory @ error/pwp.c/ReadPWPImage/258.
convert: no pixels defined in cache `out.pdf' @ error/cache.c/OpenPixelCache/3485.
convert: memory allocation failed `out.pdf' @ error/pdf.c/WritePDFImage/1849.
$

11/ImageMagick:

$ valgrind -q --leak-check=full convert leak-WritePDFImage out.pdf
convert: Unexpected end-of-file `leak-WritePDFImage': No such file or directory.
$

11,42.3/GraphicsMagick:

no change

HG GraphicsMagick 15288:5c4bd14a370c:

$ gm convert leak-WritePDFImage output.pdf
gm convert: Unexpected end-of-file (leak-WritePDFImage).
$
Comment 2 Petr Gajdos 2017-12-06 09:51:03 UTC 
I believe all fixed.
Comment 4 Bernhard Wiedemann 2017-12-06 11:50:12 UTC 
This is an autogenerated message for OBS integration:
This bug (1052758) was mentioned in
https://build.opensuse.org/request/show/554772 42.3 / GraphicsMagick
https://build.opensuse.org/request/show/554773 42.2 / GraphicsMagick
Comment 5 Swamp Workflow Management 2017-12-12 17:10:11 UTC 
openSUSE-SU-2017:3270-1: An update that fixes 6 vulnerabilities is now available.

Category: security (important)
Bug References: 1047054,1051847,1052758,1052764,1060577,1061587
CVE References: CVE-2017-10799,CVE-2017-12140,CVE-2017-12644,CVE-2017-12662,CVE-2017-14733,CVE-2017-14994
Sources used:
openSUSE Leap 42.3 (src):    GraphicsMagick-1.3.25-47.1
openSUSE Leap 42.2 (src):    GraphicsMagick-1.3.25-11.48.1
Comment 7 Swamp Workflow Management 2017-12-20 17:11:03 UTC 
SUSE-SU-2017:3378-1: An update that fixes 26 vulnerabilities is now available.

Category: security (important)
Bug References: 1048457,1049796,1050116,1050139,1050632,1051441,1051847,1052450,1052553,1052689,1052758,1052764,1054757,1055214,1056432,1057719,1057729,1057730,1058485,1058637,1059666,1059778,1060577,1066003,1067181,1067184
CVE References: CVE-2017-11188,CVE-2017-11478,CVE-2017-11527,CVE-2017-11535,CVE-2017-11640,CVE-2017-11752,CVE-2017-12140,CVE-2017-12435,CVE-2017-12587,CVE-2017-12644,CVE-2017-12662,CVE-2017-12669,CVE-2017-12983,CVE-2017-13134,CVE-2017-13769,CVE-2017-14172,CVE-2017-14173,CVE-2017-14175,CVE-2017-14341,CVE-2017-14342,CVE-2017-14531,CVE-2017-14607,CVE-2017-14733,CVE-2017-15930,CVE-2017-16545,CVE-2017-16546
Sources used:
SUSE Linux Enterprise Software Development Kit 11-SP4 (src):    ImageMagick-6.4.3.6-7.78.14.1
SUSE Linux Enterprise Server 11-SP4 (src):    ImageMagick-6.4.3.6-7.78.14.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    ImageMagick-6.4.3.6-7.78.14.1
Comment 8 Swamp Workflow Management 2017-12-20 17:38:12 UTC 
SUSE-SU-2017:3388-1: An update that solves 32 vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1048457,1049796,1050083,1050116,1050139,1050632,1051441,1051847,1052450,1052553,1052689,1052744,1052758,1052764,1054757,1055214,1056432,1057157,1057719,1057729,1057730,1058485,1058637,1059666,1059778,1060176,1060577,1061254,1062750,1066003,1067181,1067184,1067409
CVE References: CVE-2017-11188,CVE-2017-11478,CVE-2017-11523,CVE-2017-11527,CVE-2017-11535,CVE-2017-11640,CVE-2017-11752,CVE-2017-12140,CVE-2017-12435,CVE-2017-12587,CVE-2017-12644,CVE-2017-12662,CVE-2017-12669,CVE-2017-12983,CVE-2017-13134,CVE-2017-13769,CVE-2017-14138,CVE-2017-14172,CVE-2017-14173,CVE-2017-14175,CVE-2017-14341,CVE-2017-14342,CVE-2017-14531,CVE-2017-14607,CVE-2017-14682,CVE-2017-14733,CVE-2017-14989,CVE-2017-15217,CVE-2017-15930,CVE-2017-16545,CVE-2017-16546,CVE-2017-16669
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP3 (src):    ImageMagick-6.8.8.1-71.17.1
SUSE Linux Enterprise Workstation Extension 12-SP2 (src):    ImageMagick-6.8.8.1-71.17.1
SUSE Linux Enterprise Software Development Kit 12-SP3 (src):    ImageMagick-6.8.8.1-71.17.1
SUSE Linux Enterprise Software Development Kit 12-SP2 (src):    ImageMagick-6.8.8.1-71.17.1
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (src):    ImageMagick-6.8.8.1-71.17.1
SUSE Linux Enterprise Server 12-SP3 (src):    ImageMagick-6.8.8.1-71.17.1
SUSE Linux Enterprise Server 12-SP2 (src):    ImageMagick-6.8.8.1-71.17.1
SUSE Linux Enterprise Desktop 12-SP3 (src):    ImageMagick-6.8.8.1-71.17.1
SUSE Linux Enterprise Desktop 12-SP2 (src):    ImageMagick-6.8.8.1-71.17.1
Comment 9 Swamp Workflow Management 2017-12-22 20:13:49 UTC 
openSUSE-SU-2017:3420-1: An update that solves 32 vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1048457,1049796,1050083,1050116,1050139,1050632,1051441,1051847,1052450,1052553,1052689,1052744,1052758,1052764,1054757,1055214,1056432,1057157,1057719,1057729,1057730,1058485,1058637,1059666,1059778,1060176,1060577,1061254,1062750,1066003,1067181,1067184,1067409
CVE References: CVE-2017-11188,CVE-2017-11478,CVE-2017-11523,CVE-2017-11527,CVE-2017-11535,CVE-2017-11640,CVE-2017-11752,CVE-2017-12140,CVE-2017-12435,CVE-2017-12587,CVE-2017-12644,CVE-2017-12662,CVE-2017-12669,CVE-2017-12983,CVE-2017-13134,CVE-2017-13769,CVE-2017-14138,CVE-2017-14172,CVE-2017-14173,CVE-2017-14175,CVE-2017-14341,CVE-2017-14342,CVE-2017-14531,CVE-2017-14607,CVE-2017-14682,CVE-2017-14733,CVE-2017-14989,CVE-2017-15217,CVE-2017-15930,CVE-2017-16545,CVE-2017-16546,CVE-2017-16669
Sources used:
openSUSE Leap 42.3 (src):    ImageMagick-6.8.8.1-40.1
openSUSE Leap 42.2 (src):    ImageMagick-6.8.8.1-30.12.1
Comment 10 Swamp Workflow Management 2018-01-05 14:00:20 UTC 
This is an autogenerated message for OBS integration:
This bug (1052758) was mentioned in
https://build.opensuse.org/request/show/561883 42.2 / GraphicsMagick
Comment 11 Swamp Workflow Management 2018-01-24 20:13:02 UTC 
SUSE-SU-2018:0197-1: An update that fixes 23 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1047044,1047054,1048457,1049373,1050129,1051412,1051847,1052252,1052460,1052758,1052764,1052771,1055063,1056550,1057723,1058082,1058422,1060577,1061587,1063050,1067177,1074969,1074975
CVE References: CVE-2017-10799,CVE-2017-10800,CVE-2017-11188,CVE-2017-11449,CVE-2017-11532,CVE-2017-12140,CVE-2017-12430,CVE-2017-12563,CVE-2017-12642,CVE-2017-12644,CVE-2017-12662,CVE-2017-12691,CVE-2017-13061,CVE-2017-14042,CVE-2017-14174,CVE-2017-14249,CVE-2017-14343,CVE-2017-14733,CVE-2017-14994,CVE-2017-15277,CVE-2017-16547,CVE-2017-18022,CVE-2018-5247
Sources used:
SUSE Studio Onsite 1.3 (src):    GraphicsMagick-1.2.5-4.78.28.2
SUSE Linux Enterprise Software Development Kit 11-SP4 (src):    GraphicsMagick-1.2.5-4.78.28.2
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    GraphicsMagick-1.2.5-4.78.28.2
Comment 12 Marcus Meissner 2018-02-09 15:44:36 UTC 
released
First Last Prev Next    This bug is not in your last search results.