Bug 1056429 - (CVE-2017-13776) VUL-1: CVE-2017-13776: GraphicsMagick,ImageMagick: denial of service issue in ReadXBMImage() in a coders/xbm.c
VUL-1: CVE-2017-13776: GraphicsMagick,ImageMagick: denial of service issue in...
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Security Team bot
Security Team bot
Depends on:
  Show dependency treegraph
Reported: 2017-08-30 13:35 UTC by Alexander Bergmann
Modified: 2020-06-11 20:32 UTC (History)
3 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Alexander Bergmann 2017-08-30 13:35:45 UTC

GraphicsMagick 1.3.26 has a denial of service issue in ReadXBMImage()
in a coders/xbm.c "Read hex image data" version!=10 case that results
in the reader not returning; it would cause large amounts of CPU and
memory consumption although the crafted file itself does not request

Comment 1 Alexander Bergmann 2017-08-30 13:36:28 UTC
Upstream fix:
Comment 2 Marcus Meissner 2017-09-29 08:21:02 UTC
long but not endless CPU usage loop due to missing EOF check.
Comment 3 Petr Gajdos 2017-11-07 12:03:58 UTC
See bug 1057719 (ImageMagick).
Comment 4 Petr Gajdos 2017-11-07 12:33:18 UTC
Also testcase from ImageMagick upstream issue:


For 42.3 and 11:


$ gm convert x_xbm_poc.xbm test.jpg
[cpu 100%] 


$ gm convert x_xbm_poc.xbm test.jpg
gm convert: Improper image header (x_xbm_poc.xbm).
Comment 5 Petr Gajdos 2017-11-07 15:58:36 UTC
I believe all fixed.
Comment 7 Bernhard Wiedemann 2017-11-07 17:00:50 UTC
This is an autogenerated message for OBS integration:
This bug (1056429) was mentioned in
https://build.opensuse.org/request/show/539605 42.2 / GraphicsMagick
https://build.opensuse.org/request/show/539606 42.3 / GraphicsMagick
Comment 8 Swamp Workflow Management 2017-11-15 14:08:42 UTC
openSUSE-SU-2017:3020-1: An update that fixes 6 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1054757,1055214,1056426,1056429,1057508,1066003
CVE References: CVE-2017-12983,CVE-2017-13134,CVE-2017-13776,CVE-2017-13777,CVE-2017-14165,CVE-2017-15930
Sources used:
openSUSE Leap 42.3 (src):    GraphicsMagick-1.3.25-39.1
openSUSE Leap 42.2 (src):    GraphicsMagick-1.3.25-11.39.1
Comment 11 Swamp Workflow Management 2017-12-27 14:09:22 UTC
SUSE-SU-2017:3435-1: An update that fixes 14 vulnerabilities is now available.

Category: security (important)
Bug References: 1050632,1052450,1054757,1055214,1056426,1056429,1057508,1058485,1058637,1066003,1067181,1067184,1067409
CVE References: CVE-2016-7996,CVE-2017-11640,CVE-2017-12587,CVE-2017-12983,CVE-2017-13134,CVE-2017-13776,CVE-2017-13777,CVE-2017-14165,CVE-2017-14341,CVE-2017-14342,CVE-2017-15930,CVE-2017-16545,CVE-2017-16546,CVE-2017-16669
Sources used:
SUSE Studio Onsite 1.3 (src):    GraphicsMagick-1.2.5-
SUSE Linux Enterprise Software Development Kit 11-SP4 (src):    GraphicsMagick-1.2.5-
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    GraphicsMagick-1.2.5-
Comment 12 Marcus Meissner 2018-02-12 08:31:42 UTC