Bug 1050100 - (CVE-2017-11526) VUL-1: CVE-2017-11526: ImageMagick: ReadOneMNGImage in coders/png.c allows remote attackers to cause DoS
(CVE-2017-11526)
VUL-1: CVE-2017-11526: ImageMagick: ReadOneMNGImage in coders/png.c allows re...
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other openSUSE 42.2
: P4 - Low : Normal
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/189004/
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2017-07-24 09:37 UTC by Johannes Segitz
Modified: 2018-02-12 08:10 UTC (History)
1 user (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Johannes Segitz 2017-07-24 09:37:56 UTC
CVE-2017-11526

The ReadOneMNGImage function in coders/png.c in ImageMagick before 6.9.9-0 and
7.x before 7.0.6-1 allows remote attackers to cause a denial of service (large
loop and CPU consumption) via a crafted file.

Factory only.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-11526
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867825
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11526
https://github.com/ImageMagick/ImageMagick/issues/527
Comment 2 Petr Gajdos 2018-01-15 06:37:00 UTC
12/ImageMagick

BEFORE

$ identify cpu-mng 
identify: corrupt image `cpu-mng' @ error/png.c/ReadOneMNGImage/5107.
$
[takes few seconds]

AFTER

$ identify cpu-mng
identify: insufficient image data in file `cpu-mng' @ error/png.c/ReadOneMNGImage/5229.
$
[returns immediatelly]
Comment 6 Petr Gajdos 2018-01-16 07:34:19 UTC
11/ImageMagick

BEFORE

$ identify cpu-mng 
identify: Corrupt image `cpu-mng'.
$
[takes few seconds]

AFTER

$ identify cpu-mng
identify: Insufficient image data in file `cpu-mng'.
$
[returns immediatelly]
Comment 7 Petr Gajdos 2018-01-16 11:17:22 UTC
42.x/GraphicsMagick

BEFORE

$ gm identify cpu-mng
gm identify: Corrupt image (cpu-mng).
gm identify: Request did not return an image.
$
[exits immediately]

AFTER

$ gm identify cpu-mng
gm identify: Corrupt image (cpu-mng).
gm identify: Request did not return an image.
$
[exits immediately]

Considered not affected.
Comment 10 Petr Gajdos 2018-01-19 15:39:01 UTC
42.x/GraphicsMagick

BEFORE

$ gm identify cpu-mng
[hangs or runs long]

AFTER

$ gm identify cpu-mng
gm identify: Corrupt image (cpu-mng).
$
[exits immediately]

Considered affected.
Comment 11 Petr Gajdos 2018-01-19 15:39:59 UTC
(In reply to Petr Gajdos from comment #10)

That should have been

11/GraphicsMagick
 
BEFORE

$ gm identify cpu-mng
[hangs or runs long]

AFTER

$ gm identify cpu-mng
gm identify: Corrupt image (cpu-mng).
$
[exits immediately]

Considered affected.
Comment 12 Petr Gajdos 2018-01-22 11:43:10 UTC
Submitted for: 12/ImageMagick, 11/ImageMagick and 11/GraphicsMagick
Comment 14 Petr Gajdos 2018-01-22 12:24:47 UTC
I believe all fixed.
Comment 17 Swamp Workflow Management 2018-02-02 14:09:31 UTC
SUSE-SU-2018:0349-1: An update that fixes 34 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1043353,1043354,1047908,1050037,1050072,1050098,1050100,1050635,1051442,1052470,1052708,1052717,1052721,1052768,1052777,1052781,1054600,1055068,1055374,1055455,1055456,1057000,1060162,1062752,1072362,1072901,1074120,1074125,1074185,1074309,1075939,1076021,1076051
CVE References: CVE-2017-10995,CVE-2017-11505,CVE-2017-11525,CVE-2017-11526,CVE-2017-11539,CVE-2017-11639,CVE-2017-11750,CVE-2017-12565,CVE-2017-12640,CVE-2017-12641,CVE-2017-12643,CVE-2017-12671,CVE-2017-12673,CVE-2017-12676,CVE-2017-12935,CVE-2017-13059,CVE-2017-13141,CVE-2017-13142,CVE-2017-13147,CVE-2017-14103,CVE-2017-14649,CVE-2017-15218,CVE-2017-17504,CVE-2017-17681,CVE-2017-17879,CVE-2017-17884,CVE-2017-17914,CVE-2017-18008,CVE-2017-18027,CVE-2017-18029,CVE-2017-9261,CVE-2017-9262,CVE-2018-5246,CVE-2018-5685
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP3 (src):    ImageMagick-6.8.8.1-71.33.1
SUSE Linux Enterprise Workstation Extension 12-SP2 (src):    ImageMagick-6.8.8.1-71.33.1
SUSE Linux Enterprise Software Development Kit 12-SP3 (src):    ImageMagick-6.8.8.1-71.33.1
SUSE Linux Enterprise Software Development Kit 12-SP2 (src):    ImageMagick-6.8.8.1-71.33.1
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (src):    ImageMagick-6.8.8.1-71.33.1
SUSE Linux Enterprise Server 12-SP3 (src):    ImageMagick-6.8.8.1-71.33.1
SUSE Linux Enterprise Server 12-SP2 (src):    ImageMagick-6.8.8.1-71.33.1
SUSE Linux Enterprise Desktop 12-SP3 (src):    ImageMagick-6.8.8.1-71.33.1
SUSE Linux Enterprise Desktop 12-SP2 (src):    ImageMagick-6.8.8.1-71.33.1
Comment 18 Swamp Workflow Management 2018-02-02 14:15:14 UTC
SUSE-SU-2018:0350-1: An update that solves 30 vulnerabilities and has one errata is now available.

Category: security (moderate)
Bug References: 1043353,1043354,1047908,1050037,1050072,1050098,1050100,1050635,1051442,1052470,1052708,1052717,1052721,1052768,1052777,1052781,1054600,1055374,1055455,1055456,1057000,1060162,1062752,1072362,1074120,1074125,1074185,1074309,1075939,1076021,1076051
CVE References: CVE-2017-10995,CVE-2017-11505,CVE-2017-11525,CVE-2017-11526,CVE-2017-11539,CVE-2017-11639,CVE-2017-11750,CVE-2017-12565,CVE-2017-12640,CVE-2017-12641,CVE-2017-12643,CVE-2017-12671,CVE-2017-12673,CVE-2017-12676,CVE-2017-12935,CVE-2017-13141,CVE-2017-13142,CVE-2017-13147,CVE-2017-14103,CVE-2017-14649,CVE-2017-15218,CVE-2017-17504,CVE-2017-17879,CVE-2017-17884,CVE-2017-17914,CVE-2017-18027,CVE-2017-18029,CVE-2017-9261,CVE-2017-9262,CVE-2018-5685
Sources used:
SUSE Linux Enterprise Software Development Kit 11-SP4 (src):    ImageMagick-6.4.3.6-7.78.29.2
SUSE Linux Enterprise Server 11-SP4 (src):    ImageMagick-6.4.3.6-7.78.29.2
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    ImageMagick-6.4.3.6-7.78.29.2
Comment 19 Swamp Workflow Management 2018-02-08 11:13:21 UTC
openSUSE-SU-2018:0396-1: An update that fixes 34 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1043353,1043354,1047908,1050037,1050072,1050098,1050100,1050635,1051442,1052470,1052708,1052717,1052721,1052768,1052777,1052781,1054600,1055068,1055374,1055455,1055456,1057000,1060162,1062752,1072362,1072901,1074120,1074125,1074185,1074309,1075939,1076021,1076051
CVE References: CVE-2017-10995,CVE-2017-11505,CVE-2017-11525,CVE-2017-11526,CVE-2017-11539,CVE-2017-11639,CVE-2017-11750,CVE-2017-12565,CVE-2017-12640,CVE-2017-12641,CVE-2017-12643,CVE-2017-12671,CVE-2017-12673,CVE-2017-12676,CVE-2017-12935,CVE-2017-13059,CVE-2017-13141,CVE-2017-13142,CVE-2017-13147,CVE-2017-14103,CVE-2017-14649,CVE-2017-15218,CVE-2017-17504,CVE-2017-17681,CVE-2017-17879,CVE-2017-17884,CVE-2017-17914,CVE-2017-18008,CVE-2017-18027,CVE-2017-18029,CVE-2017-9261,CVE-2017-9262,CVE-2018-5246,CVE-2018-5685
Sources used:
openSUSE Leap 42.3 (src):    ImageMagick-6.8.8.1-52.1
Comment 20 Swamp Workflow Management 2018-02-09 20:09:41 UTC
SUSE-SU-2018:0413-1: An update that fixes 34 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1043353,1043354,1047908,1047910,1050037,1050072,1050100,1051442,1052470,1052708,1052717,1052768,1052777,1052781,1054600,1055038,1055374,1055455,1055456,1057000,1060162,1062752,1067198,1073690,1074023,1074120,1074125,1074175,1075939
CVE References: CVE-2014-9811,CVE-2017-10995,CVE-2017-11102,CVE-2017-11505,CVE-2017-11526,CVE-2017-11539,CVE-2017-11750,CVE-2017-12565,CVE-2017-12640,CVE-2017-12641,CVE-2017-12643,CVE-2017-12673,CVE-2017-12676,CVE-2017-12935,CVE-2017-13065,CVE-2017-13141,CVE-2017-13142,CVE-2017-13147,CVE-2017-14103,CVE-2017-14174,CVE-2017-14649,CVE-2017-15218,CVE-2017-15238,CVE-2017-16669,CVE-2017-17501,CVE-2017-17504,CVE-2017-17782,CVE-2017-17879,CVE-2017-17884,CVE-2017-17915,CVE-2017-8352,CVE-2017-9261,CVE-2017-9262,CVE-2018-5685
Sources used:
SUSE Studio Onsite 1.3 (src):    GraphicsMagick-1.2.5-4.78.33.1
SUSE Linux Enterprise Software Development Kit 11-SP4 (src):    GraphicsMagick-1.2.5-4.78.33.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    GraphicsMagick-1.2.5-4.78.33.1
Comment 21 Marcus Meissner 2018-02-12 08:10:03 UTC
released