Bugzilla – Bug 1212237
VUL-0: CVE-2023-34474: ImageMagick: heap-based buffer overflow in ReadTIM2ImageData() function in coders/tim2.c
Last modified: 2023-09-25 12:08:07 UTC
CVE-2023-34474

A heap-based buffer overflow issue was discovered in ImageMagick's ReadTIM2ImageData() function in coders/tim2.c. An attacker could pass a specially crafted file to convert, triggering an out-of-bounds read error, allowing an application to crash, resulting in a denial of service.

https://github.com/ImageMagick/ImageMagick/commit/1061db7f80fdc9ef572ac60b55f408f7bab6e1b0

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-34474
https://bugzilla.redhat.com/show_bug.cgi?id=2214148

Affected:
- SUSE:SLE-15-SP4:Update/ImageMagick 7.1.0.9

Not Affected:
- SUSE:SLE-15-SP3:Update/GraphicsMagick 1.3.35
- openSUSE:Factory/GraphicsMagick 1.3.40
- SUSE:SLE-12:Update/ImageMagick 6.8.8.1
- SUSE:SLE-11:Update/ImageMagick 6.4.3.6
- SUSE:SLE-15:Update/ImageMagick 7.0.7.34
- SUSE:SLE-15-SP2:Update/ImageMagick 7.0.7.34
- openSUSE:Factory/ImageMagick 7.1.1.11
A follow-up:
https://github.com/ImageMagick/ImageMagick/commit/fac0ea8011704c675f65152a161427621cf07917
Submitted for 15sp4/ImageMagick. I believe all fixed.
This is an autogenerated message for OBS integration:
This bug (1212237) was mentioned in
https://build.opensuse.org/request/show/1093259 Factory / ImageMagick

SUSE-SU-2023:2878-1: An update that solves one vulnerability can now be installed.

Category: security (moderate)
Bug References: 1212237
CVE References: CVE-2023-34474
Sources used:
openSUSE Leap 15.4 (src): ImageMagick-7.1.0.9-150400.6.24.1
openSUSE Leap 15.5 (src): ImageMagick-7.1.0.9-150400.6.24.1
Desktop Applications Module 15-SP4 (src): ImageMagick-7.1.0.9-150400.6.24.1
Desktop Applications Module 15-SP5 (src): ImageMagick-7.1.0.9-150400.6.24.1
Development Tools Module 15-SP4 (src): ImageMagick-7.1.0.9-150400.6.24.1
Development Tools Module 15-SP5 (src): ImageMagick-7.1.0.9-150400.6.24.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
done, closing