Bugzilla – Bug 1111072
VUL-1: CVE-2018-18016: GraphicsMagick,ImageMagick: ImageMagick: memory leak in WritePCXImage in coders/pcx.c
Last modified: 2021-10-04 16:42:06 UTC
rh#1636579 A flaw was foudn in ImageMagick 7.0.7-28. A memory leak vulnerability in WritePCXImage in coders/pcx.c which could lead to a Denial of Service attack. References: https://github.com/ImageMagick/ImageMagick/issues/1049 Upstream Patch: https://github.com/ImageMagick/ImageMagick/commit/df8a62fe4938aa41a39e815937c58bc0ed21b664 References: https://bugzilla.redhat.com/show_bug.cgi?id=1636579 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-18016 http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-18016.html http://www.cvedetails.com/cve/CVE-2018-18016/
Hi Petr, After looking into the issue I think everything is already fixed, but I would like to get a confirmation. - SUSE:SLE-15:Update/ImageMagick already fixed The following codestreams seem to be fixed by bsc#1055069 (by "*Magick-CVE-2017-13058.patch", upstream ticket [0]). Which would mean that CVE-2018-18016 duplicates CVE-2017-13058. - SUSE:SLE-12:Update/ImageMagick seems to be fixed by bsc#1055069 - SUSE:SLE-11:Update/ImageMagick seems to be fixed by bsc#1055069 - SUSE:SLE-11:Update/GraphicsMagick seems to be fixed by bsc#1055069 [0] https://github.com/ImageMagick/ImageMagick/issues/666
Thanks for analysis. Setting needinfo to me when the bug is assigned to me is pointless ;).
Filled new issue upstream: https://github.com/ImageMagick/ImageMagick/issues/1347
I will consider CVE-2018-18016 a bit broader: free page_table where needed.
(In reply to Petr Gajdos from comment #4) > I will consider CVE-2018-18016 a bit broader: free page_table where needed. Actually, no. How to get out from this? Let's try: 15/ImageMagick: Patch for upstream issue #1347: ImageMagick-WritePCXImage-page_table-memory-leak.patch to be renamed to ImageMagick-2018-xxxxx.patch as soon as it gets a CVE. 11,12/ImageMagick, 11/GraphicsMagick: ImageMagick-CVE-2017-13058.patch already contains all fixes, but not completely correct. Instead of just page_table=(MagickOffsetType *) RelinquishMagickMemory(page_table); there have to be if (page_table != (MagickOffsetType *) NULL) page_table=(MagickOffsetType *) RelinquishMagickMemory(page_table); as page_table can be NULL in So I will fix it and, at the same time, I will rename the patch to ImageMagick-CVE-2017-13058,CVE-2018-18016.patch
Will submit for 15,12,11/ImageMagick and 11/ImageMagick.
Packages submitted. I believe all fixed.
SUSE-SU-2018:3191-1: An update that fixes 7 vulnerabilities is now available. Category: security (moderate) Bug References: 1098545,1098546,1110746,1110747,1111069,1111072 CVE References: CVE-2017-13058,CVE-2018-12599,CVE-2018-12600,CVE-2018-17965,CVE-2018-17966,CVE-2018-18016,CVE-2018-18024 Sources used: SUSE Linux Enterprise Workstation Extension 12-SP3 (src): ImageMagick-6.8.8.1-71.82.1 SUSE Linux Enterprise Software Development Kit 12-SP3 (src): ImageMagick-6.8.8.1-71.82.1 SUSE Linux Enterprise Server 12-SP3 (src): ImageMagick-6.8.8.1-71.82.1 SUSE Linux Enterprise Desktop 12-SP3 (src): ImageMagick-6.8.8.1-71.82.1
openSUSE-SU-2018:3225-1: An update that fixes 7 vulnerabilities is now available. Category: security (moderate) Bug References: 1098545,1098546,1110746,1110747,1111069,1111072 CVE References: CVE-2017-13058,CVE-2018-12599,CVE-2018-12600,CVE-2018-17965,CVE-2018-17966,CVE-2018-18016,CVE-2018-18024 Sources used: openSUSE Leap 42.3 (src): ImageMagick-6.8.8.1-73.1
SUSE-SU-2018:3269-1: An update that fixes 12 vulnerabilities is now available. Category: security (low) Bug References: 1106855,1107604,1107609,1107612,1107616,1107619,1108282,1108283,1110746,1110747,1111069,1111072 CVE References: CVE-2018-16323,CVE-2018-16640,CVE-2018-16642,CVE-2018-16643,CVE-2018-16644,CVE-2018-16645,CVE-2018-16749,CVE-2018-16750,CVE-2018-17965,CVE-2018-17966,CVE-2018-18016,CVE-2018-18024 Sources used: SUSE Studio Onsite 1.3 (src): GraphicsMagick-1.2.5-78.72.1 SUSE Linux Enterprise Software Development Kit 11-SP4 (src): GraphicsMagick-1.2.5-78.72.1 SUSE Linux Enterprise Debuginfo 11-SP4 (src): GraphicsMagick-1.2.5-78.72.1
SUSE-SU-2018:3348-1: An update that fixes 13 vulnerabilities is now available. Category: security (moderate) Bug References: 1074170,1106855,1106989,1107604,1107609,1107612,1107616,1108282,1108283,1110746,1110747,1111069,1111072 CVE References: CVE-2017-17934,CVE-2018-16323,CVE-2018-16413,CVE-2018-16642,CVE-2018-16643,CVE-2018-16644,CVE-2018-16645,CVE-2018-16749,CVE-2018-16750,CVE-2018-17965,CVE-2018-17966,CVE-2018-18016,CVE-2018-18024 Sources used: SUSE Linux Enterprise Software Development Kit 11-SP4 (src): ImageMagick-6.4.3.6-78.74.1 SUSE Linux Enterprise Server 11-SP4 (src): ImageMagick-6.4.3.6-78.74.1 SUSE Linux Enterprise Debuginfo 11-SP4 (src): ImageMagick-6.4.3.6-78.74.1
released
SUSE-SU-2018:3753-1: An update that solves three vulnerabilities and has one errata is now available. Category: security (moderate) Bug References: 1106254,1110746,1111069,1111072 CVE References: CVE-2018-17966,CVE-2018-18016,CVE-2018-18024 Sources used: SUSE Linux Enterprise Module for Development Tools 15 (src): ImageMagick-7.0.7.34-3.34.3 SUSE Linux Enterprise Module for Desktop Applications 15 (src): ImageMagick-7.0.7.34-3.34.3
openSUSE-SU-2018:3797-1: An update that solves three vulnerabilities and has one errata is now available. Category: security (moderate) Bug References: 1106254,1110746,1111069,1111072 CVE References: CVE-2018-17966,CVE-2018-18016,CVE-2018-18024 Sources used: openSUSE Leap 15.0 (src): ImageMagick-7.0.7.34-lp150.2.21.1
This is an autogenerated message for OBS integration: This bug (1111072) was mentioned in https://build.opensuse.org/request/show/923064 Factory / ImageMagick