Bugzilla – Bug 1055038
VUL-2: CVE-2017-13065: GraphicsMagick: GraphicsMagick 1.3.26 has a NULL pointer dereference vulnerability in the function SVGStartElement in coders/svg.c.
Last modified: 2018-02-09 20:10:54 UTC
CVE-2017-13065

GraphicsMagick 1.3.26 has a NULL pointer dereference vulnerability in the function SVGStartElement in coders/svg.c.

http://hg.code.sf.net/p/graphicsmagick/code/rev/54f48ab2d52a
https://sourceforge.net/p/graphicsmagick/bugs/435/

Created attachment 737804: gm_null_pointer_dereference_in_SVGStartElement

QA REPRODUCER:
gm identify gm_null_pointer_dereference_in_SVGStartElement
should not crash with NULL ptr.
GraphicsMagick SLE11 affected and also Leap. Cross-checked ImageMagick; it is apparently not affected.

Null ptr controlled abort. Can be deferred.
I could not gather the testcase from our bugzilla via firefox, but I have been successful via the upstream report.

42.x/GraphicsMagick
$ valgrind -q gm identify gm_null_pointer_dereference_in_SVGStartElement
gm identify: invalid primitive argument ().
gm identify: Request did not return an image.
$

11/GraphicsMagick
$ valgrind -q gm identify gm_null_pointer_dereference_in_SVGStartElement
gm identify: Negative or zero image size.
$

11/ImageMagick
$ valgrind -q identify gm_null_pointer_dereference_in_SVGStartElement
identify: Memory allocation failed `gm_null_pointer_dereference_in_SVGStartElement'.
$

12/ImageMagick
$ valgrind -q gm_null_pointer_dereference_in_SVGStartElement
valgrind: gm_null_pointer_dereference_in_SVGStartElement: command not found
$

No issues observed with this testcase.

As far as I can see, this is already addressed via GraphicsMagick-CVE-2017-13063,13064.patch (bsc#1055050, bsc#1055042). Not sure why I did not close this bug along with them. The verdict is the same as in these bugs: considering affected */GraphicsMagick.

I would close this as fixed, but feel free to consider asking me to adapt rpm changelogs.

Considered affected: 42.x/GraphicsMagick and 11/GraphicsMagick.

I will adjust rpm changelogs and patch names accordingly.
I believe all fixed.
This is an autogenerated message for OBS integration:
This bug (1055038) was mentioned in
https://build.opensuse.org/request/show/569900 42.2 / GraphicsMagick
https://build.opensuse.org/request/show/569901 42.3 / GraphicsMagick

openSUSE-SU-2018:0328-1: An update that fixes 5 vulnerabilities is now available.
Category: security (moderate)
Bug References: 1055038,1075939,1076021,1076051
CVE References: CVE-2017-13063,CVE-2017-13065,CVE-2017-18027,CVE-2017-18029,CVE-2018-5685
Sources used:
openSUSE Leap 42.3 (src): GraphicsMagick-1.3.25-63.1
released
SUSE-SU-2018:0413-1: An update that fixes 34 vulnerabilities is now available.
Category: security (moderate)
Bug References: 1043353,1043354,1047908,1047910,1050037,1050072,1050100,1051442,1052470,1052708,1052717,1052768,1052777,1052781,1054600,1055038,1055374,1055455,1055456,1057000,1060162,1062752,1067198,1073690,1074023,1074120,1074125,1074175,1075939
CVE References: CVE-2014-9811,CVE-2017-10995,CVE-2017-11102,CVE-2017-11505,CVE-2017-11526,CVE-2017-11539,CVE-2017-11750,CVE-2017-12565,CVE-2017-12640,CVE-2017-12641,CVE-2017-12643,CVE-2017-12673,CVE-2017-12676,CVE-2017-12935,CVE-2017-13065,CVE-2017-13141,CVE-2017-13142,CVE-2017-13147,CVE-2017-14103,CVE-2017-14174,CVE-2017-14649,CVE-2017-15218,CVE-2017-15238,CVE-2017-16669,CVE-2017-17501,CVE-2017-17504,CVE-2017-17782,CVE-2017-17879,CVE-2017-17884,CVE-2017-17915,CVE-2017-8352,CVE-2017-9261,CVE-2017-9262,CVE-2018-5685
Sources used:
SUSE Studio Onsite 1.3 (src): GraphicsMagick-1.2.5-4.78.33.1
SUSE Linux Enterprise Software Development Kit 11-SP4 (src): GraphicsMagick-1.2.5-4.78.33.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src): GraphicsMagick-1.2.5-4.78.33.1