Bug 1049375 – VUL-0: CVE-2017-11448: ImageMagick, GraphicsMagick: ReadJPEGImage in coders/jpeg.c allows remote attackers to obtain sensitive information from uninitialized memory

Bug 1049375 - (CVE-2017-11448) VUL-0: CVE-2017-11448: ImageMagick, GraphicsMagick: ReadJPEGImage in coders/jpeg.c allows remote attackers to obtain sensitive information from uninitialized memory

(CVE-2017-11448)
Summary:	VUL-0: CVE-2017-11448: ImageMagick, GraphicsMagick: ReadJPEGImage in coders/j...

Status:	RESOLVED FIXED

Classification:	Novell Products
Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents
Version:	unspecified
Hardware:	Other Other

Priority:	P3 - Medium Severity: Normal
Target Milestone:	---
Assigned To:	Security Team bot
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/188742/
Whiteboard:	CVSSv2:NVD:CVE-2017-11448:4.3:(AV:N/A...
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Create test case

Clone This Bug

Reported:	2017-07-19 10:51 UTC by Victor Pereira
Modified:	2018-03-06 23:46 UTC (History)
CC List:	3 users (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Victor Pereira 2017-07-19 10:51:11 UTC

CVE-2017-11448

The ReadJPEGImage function in coders/jpeg.c in ImageMagick before
7.0.6-1 allows remote attackers to obtain sensitive information from
uninitialized memory locations via a crafted file.


References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-11448
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11448

Comment 1 Marcus Meissner 2017-08-10 14:49:22 UTC

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867893

https://github.com/ImageMagick/ImageMagick/commit/1737ac82b335e53376382c07b9a500d73dd2aa11

https://github.com/ImageMagick/ImageMagick/issues/556

Comment 2 Petr Gajdos 2018-02-07 09:38:00 UTC

Have not found any testcase.

Comment 3 Petr Gajdos 2018-02-07 12:14:09 UTC

12/ImageMagick:    memory initialization can be added
11/ImageMagick:    memory initialization can be added
11/GraphicsMagick: memory initialization can be added

I am not sure, due few information if GraphicsMagick is affected. I will patch 11/GraphicsMagick as it cost nothing but I will not presume newer GraphicsMagick versions need the patch. Testcase would be needed.

Comment 4 Petr Gajdos 2018-02-07 12:20:47 UTC

Will submit for: 12/ImageMagick, 11/ImageMagick and 11/GraphicsMagick

Comment 5 Petr Gajdos 2018-02-09 16:02:04 UTC

I believe all fixed.

Comment 9 Swamp Workflow Management 2018-02-20 14:08:29 UTC

SUSE-SU-2018:0486-1: An update that fixes 24 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1042824,1048110,1049374,1049375,1050048,1050617,1050669,1052207,1052248,1052251,1052254,1052472,1052688,1052711,1052747,1052750,1052761,1055069,1055229,1058009,1074119,1076182,1078433
CVE References: CVE-2017-11166,CVE-2017-11448,CVE-2017-11450,CVE-2017-11537,CVE-2017-11637,CVE-2017-11638,CVE-2017-11642,CVE-2017-12418,CVE-2017-12427,CVE-2017-12429,CVE-2017-12432,CVE-2017-12566,CVE-2017-12654,CVE-2017-12664,CVE-2017-12665,CVE-2017-12668,CVE-2017-12674,CVE-2017-13058,CVE-2017-13131,CVE-2017-14224,CVE-2017-17885,CVE-2017-18028,CVE-2017-9407,CVE-2018-6405
Sources used:
SUSE Linux Enterprise Software Development Kit 11-SP4 (src):    ImageMagick-6.4.3.6-7.78.34.1
SUSE Linux Enterprise Server 11-SP4 (src):    ImageMagick-6.4.3.6-7.78.34.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    ImageMagick-6.4.3.6-7.78.34.1

Comment 10 Swamp Workflow Management 2018-02-22 14:08:53 UTC

SUSE-SU-2018:0524-1: An update that fixes 20 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1042824,1047900,1049374,1049375,1050617,1050669,1052248,1052251,1052254,1052472,1052688,1055069,1055229,1058009,1072934,1073081,1074307,1076182,1078433
CVE References: CVE-2017-11140,CVE-2017-11448,CVE-2017-11450,CVE-2017-11637,CVE-2017-11638,CVE-2017-11642,CVE-2017-12427,CVE-2017-12429,CVE-2017-12432,CVE-2017-12566,CVE-2017-12668,CVE-2017-13058,CVE-2017-13131,CVE-2017-14224,CVE-2017-17502,CVE-2017-17503,CVE-2017-17912,CVE-2017-18028,CVE-2017-9407,CVE-2018-6405
Sources used:
SUSE Studio Onsite 1.3 (src):    GraphicsMagick-1.2.5-4.78.38.1
SUSE Linux Enterprise Software Development Kit 11-SP4 (src):    GraphicsMagick-1.2.5-4.78.38.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    GraphicsMagick-1.2.5-4.78.38.1

Comment 11 Swamp Workflow Management 2018-03-01 20:15:26 UTC

SUSE-SU-2018:0581-1: An update that fixes 35 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1042824,1042911,1048110,1048272,1049374,1049375,1050048,1050119,1050122,1050126,1050132,1050617,1052207,1052248,1052251,1052254,1052472,1052688,1052711,1052747,1052750,1052754,1052761,1055069,1055229,1056768,1057163,1058009,1072898,1074119,1074170,1075821,1076182,1078433
CVE References: CVE-2017-11166,CVE-2017-11170,CVE-2017-11448,CVE-2017-11450,CVE-2017-11528,CVE-2017-11530,CVE-2017-11531,CVE-2017-11533,CVE-2017-11537,CVE-2017-11638,CVE-2017-11642,CVE-2017-12418,CVE-2017-12427,CVE-2017-12429,CVE-2017-12432,CVE-2017-12566,CVE-2017-12654,CVE-2017-12663,CVE-2017-12664,CVE-2017-12665,CVE-2017-12668,CVE-2017-12674,CVE-2017-13058,CVE-2017-13131,CVE-2017-14060,CVE-2017-14139,CVE-2017-14224,CVE-2017-17682,CVE-2017-17885,CVE-2017-17934,CVE-2017-18028,CVE-2017-9405,CVE-2017-9407,CVE-2018-5357,CVE-2018-6405
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP3 (src):    ImageMagick-6.8.8.1-71.42.1
SUSE Linux Enterprise Workstation Extension 12-SP2 (src):    ImageMagick-6.8.8.1-71.42.1
SUSE Linux Enterprise Software Development Kit 12-SP3 (src):    ImageMagick-6.8.8.1-71.42.1
SUSE Linux Enterprise Software Development Kit 12-SP2 (src):    ImageMagick-6.8.8.1-71.42.1
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (src):    ImageMagick-6.8.8.1-71.42.1
SUSE Linux Enterprise Server 12-SP3 (src):    ImageMagick-6.8.8.1-71.42.1
SUSE Linux Enterprise Server 12-SP2 (src):    ImageMagick-6.8.8.1-71.42.1
SUSE Linux Enterprise Desktop 12-SP3 (src):    ImageMagick-6.8.8.1-71.42.1
SUSE Linux Enterprise Desktop 12-SP2 (src):    ImageMagick-6.8.8.1-71.42.1

Comment 12 Andreas Stieger 2018-03-06 19:44:18 UTC

Releasing for Leap, showing as done otherwise

Comment 13 Swamp Workflow Management 2018-03-06 23:14:13 UTC

openSUSE-SU-2018:0621-1: An update that fixes 35 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1042824,1042911,1048110,1048272,1049374,1049375,1050048,1050119,1050122,1050126,1050132,1050617,1052207,1052248,1052251,1052254,1052472,1052688,1052711,1052747,1052750,1052754,1052761,1055069,1055229,1056768,1057163,1058009,1072898,1074119,1074170,1075821,1076182,1078433
CVE References: CVE-2017-11166,CVE-2017-11170,CVE-2017-11448,CVE-2017-11450,CVE-2017-11528,CVE-2017-11530,CVE-2017-11531,CVE-2017-11533,CVE-2017-11537,CVE-2017-11638,CVE-2017-11642,CVE-2017-12418,CVE-2017-12427,CVE-2017-12429,CVE-2017-12432,CVE-2017-12566,CVE-2017-12654,CVE-2017-12663,CVE-2017-12664,CVE-2017-12665,CVE-2017-12668,CVE-2017-12674,CVE-2017-13058,CVE-2017-13131,CVE-2017-14060,CVE-2017-14139,CVE-2017-14224,CVE-2017-17682,CVE-2017-17885,CVE-2017-17934,CVE-2017-18028,CVE-2017-9405,CVE-2017-9407,CVE-2018-5357,CVE-2018-6405
Sources used:
openSUSE Leap 42.3 (src):    ImageMagick-6.8.8.1-55.1