First Last Prev Next    This bug is not in your last search results.
Bug 1052251 - (CVE-2017-12429) VUL-1: CVE-2017-12429: GraphicsMagick, ImageMagick: Memory exhaustion in ReadMIFFImage in coders/miff.c, which allows attackers to cause DoS
(CVE-2017-12429)
VUL-1: CVE-2017-12429: GraphicsMagick, ImageMagick: Memory exhaustion in Read...
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P4 - Low : Normal
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/189603/
CVSSv2:SUSE:CVE-2017-12429:5.0:(AV:N/...
:
Depends on: CVE-2017-12430
Blocks:
  Show dependency treegraph
 
Reported: 2017-08-04 12:29 UTC by Johannes Segitz
Modified: 2019-08-16 15:34 UTC (History)
2 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Reproducer (765 bytes, text/plain)
2017-08-04 12:29 UTC, Johannes Segitz 		Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Johannes Segitz 2017-08-04 12:29:47 UTC 
Created attachment 735280 [details]
Reproducer

CVE-2017-12429

In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in
the function ReadMIFFImage in coders/miff.c, which allows attackers to
cause a denial of service.

valgrind --leak-check=full identify memory_exhaustion_in_ReadMIFFImage

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-12429
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12429
Comment 1 Marcus Meissner 2017-09-29 06:12:46 UTC 
https://github.com/ImageMagick/ImageMagick/issues/545

attacker controlled big memory allocation possibility (32bit) OOM
Comment 2 Petr Gajdos 2018-02-13 13:54:25 UTC 
BEFORE

12/ImageMagick

$ valgrind -q --leak-check=full identify memory_exhaustion_in_ReadMIFFImage
identify: insufficient image data in file `memory_exhaustion_in_ReadMIFFImage' @ error/miff.c/ReadMIFFImage/1176.
$

11/ImageMagick

$ valgrind -q --leak-check=full identify memory_exhaustion_in_ReadMIFFImage
identify: Insufficient image data in file `memory_exhaustion_in_ReadMIFFImage'.
$

11/GraphicsMagick

$ valgrind -q --leak-check=full gm identify memory_exhaustion_in_ReadMIFFImage
gm identify: Memory allocation failed (memory_exhaustion_in_ReadMIFFImage).
$

HG,42.3/GraphicsMagick

$ valgrind -q --leak-check=full gm identify memory_exhaustion_in_ReadMIFFImage
gm identify: Memory allocation failed (memory_exhaustion_in_ReadMIFFImage).
gm identify: Request did not return an image.
$

[no issues observed]

PATCH

We already fixed that via 
https://bugzilla.suse.com/show_bug.cgi?id=1052252
https://github.com/ImageMagick/ImageMagick/commit/8d537f6d778675e08ef9d238606d05101bf471b9
Comment 3 Petr Gajdos 2018-02-13 14:02:47 UTC 
Better said: CVE-2017-12430 is followup of CVE-2017-12429. Along fixing CVE-2017-12430 we already fixed also CVE-2017-12429.
Comment 4 Petr Gajdos 2018-02-13 16:01:09 UTC 
I will just the changes and renamed patch for 12/ImageMagick, 11/ImageMagick and 11/GraphicsMagick.
Comment 5 Petr Gajdos 2018-02-16 19:16:39 UTC 
Packages submitted.
Comment 6 Swamp Workflow Management 2018-02-20 14:09:15 UTC 
SUSE-SU-2018:0486-1: An update that fixes 24 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1042824,1048110,1049374,1049375,1050048,1050617,1050669,1052207,1052248,1052251,1052254,1052472,1052688,1052711,1052747,1052750,1052761,1055069,1055229,1058009,1074119,1076182,1078433
CVE References: CVE-2017-11166,CVE-2017-11448,CVE-2017-11450,CVE-2017-11537,CVE-2017-11637,CVE-2017-11638,CVE-2017-11642,CVE-2017-12418,CVE-2017-12427,CVE-2017-12429,CVE-2017-12432,CVE-2017-12566,CVE-2017-12654,CVE-2017-12664,CVE-2017-12665,CVE-2017-12668,CVE-2017-12674,CVE-2017-13058,CVE-2017-13131,CVE-2017-14224,CVE-2017-17885,CVE-2017-18028,CVE-2017-9407,CVE-2018-6405
Sources used:
SUSE Linux Enterprise Software Development Kit 11-SP4 (src):    ImageMagick-6.4.3.6-7.78.34.1
SUSE Linux Enterprise Server 11-SP4 (src):    ImageMagick-6.4.3.6-7.78.34.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    ImageMagick-6.4.3.6-7.78.34.1
Comment 7 Swamp Workflow Management 2018-02-22 14:09:23 UTC 
SUSE-SU-2018:0524-1: An update that fixes 20 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1042824,1047900,1049374,1049375,1050617,1050669,1052248,1052251,1052254,1052472,1052688,1055069,1055229,1058009,1072934,1073081,1074307,1076182,1078433
CVE References: CVE-2017-11140,CVE-2017-11448,CVE-2017-11450,CVE-2017-11637,CVE-2017-11638,CVE-2017-11642,CVE-2017-12427,CVE-2017-12429,CVE-2017-12432,CVE-2017-12566,CVE-2017-12668,CVE-2017-13058,CVE-2017-13131,CVE-2017-14224,CVE-2017-17502,CVE-2017-17503,CVE-2017-17912,CVE-2017-18028,CVE-2017-9407,CVE-2018-6405
Sources used:
SUSE Studio Onsite 1.3 (src):    GraphicsMagick-1.2.5-4.78.38.1
SUSE Linux Enterprise Software Development Kit 11-SP4 (src):    GraphicsMagick-1.2.5-4.78.38.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    GraphicsMagick-1.2.5-4.78.38.1
Comment 8 Swamp Workflow Management 2018-03-01 20:16:40 UTC 
SUSE-SU-2018:0581-1: An update that fixes 35 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1042824,1042911,1048110,1048272,1049374,1049375,1050048,1050119,1050122,1050126,1050132,1050617,1052207,1052248,1052251,1052254,1052472,1052688,1052711,1052747,1052750,1052754,1052761,1055069,1055229,1056768,1057163,1058009,1072898,1074119,1074170,1075821,1076182,1078433
CVE References: CVE-2017-11166,CVE-2017-11170,CVE-2017-11448,CVE-2017-11450,CVE-2017-11528,CVE-2017-11530,CVE-2017-11531,CVE-2017-11533,CVE-2017-11537,CVE-2017-11638,CVE-2017-11642,CVE-2017-12418,CVE-2017-12427,CVE-2017-12429,CVE-2017-12432,CVE-2017-12566,CVE-2017-12654,CVE-2017-12663,CVE-2017-12664,CVE-2017-12665,CVE-2017-12668,CVE-2017-12674,CVE-2017-13058,CVE-2017-13131,CVE-2017-14060,CVE-2017-14139,CVE-2017-14224,CVE-2017-17682,CVE-2017-17885,CVE-2017-17934,CVE-2017-18028,CVE-2017-9405,CVE-2017-9407,CVE-2018-5357,CVE-2018-6405
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP3 (src):    ImageMagick-6.8.8.1-71.42.1
SUSE Linux Enterprise Workstation Extension 12-SP2 (src):    ImageMagick-6.8.8.1-71.42.1
SUSE Linux Enterprise Software Development Kit 12-SP3 (src):    ImageMagick-6.8.8.1-71.42.1
SUSE Linux Enterprise Software Development Kit 12-SP2 (src):    ImageMagick-6.8.8.1-71.42.1
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (src):    ImageMagick-6.8.8.1-71.42.1
SUSE Linux Enterprise Server 12-SP3 (src):    ImageMagick-6.8.8.1-71.42.1
SUSE Linux Enterprise Server 12-SP2 (src):    ImageMagick-6.8.8.1-71.42.1
SUSE Linux Enterprise Desktop 12-SP3 (src):    ImageMagick-6.8.8.1-71.42.1
SUSE Linux Enterprise Desktop 12-SP2 (src):    ImageMagick-6.8.8.1-71.42.1
Comment 9 Andreas Stieger 2018-03-06 19:44:30 UTC 
Releasing for Leap, showing as done otherwise
Comment 10 Swamp Workflow Management 2018-03-06 23:15:24 UTC 
openSUSE-SU-2018:0621-1: An update that fixes 35 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1042824,1042911,1048110,1048272,1049374,1049375,1050048,1050119,1050122,1050126,1050132,1050617,1052207,1052248,1052251,1052254,1052472,1052688,1052711,1052747,1052750,1052754,1052761,1055069,1055229,1056768,1057163,1058009,1072898,1074119,1074170,1075821,1076182,1078433
CVE References: CVE-2017-11166,CVE-2017-11170,CVE-2017-11448,CVE-2017-11450,CVE-2017-11528,CVE-2017-11530,CVE-2017-11531,CVE-2017-11533,CVE-2017-11537,CVE-2017-11638,CVE-2017-11642,CVE-2017-12418,CVE-2017-12427,CVE-2017-12429,CVE-2017-12432,CVE-2017-12566,CVE-2017-12654,CVE-2017-12663,CVE-2017-12664,CVE-2017-12665,CVE-2017-12668,CVE-2017-12674,CVE-2017-13058,CVE-2017-13131,CVE-2017-14060,CVE-2017-14139,CVE-2017-14224,CVE-2017-17682,CVE-2017-17885,CVE-2017-17934,CVE-2017-18028,CVE-2017-9405,CVE-2017-9407,CVE-2018-5357,CVE-2018-6405
Sources used:
openSUSE Leap 42.3 (src):    ImageMagick-6.8.8.1-55.1
First Last Prev Next    This bug is not in your last search results.