Bug 1082363 – VUL-0: CVE-2017-12691: ImageMagick: The ReadOneLayer function in coders/xcf.c in ImageMagick 7.0.6-6 allows remoteattackers to cause a denial of service (memory consumption) via a crafted file.

Bug 1082363 - (CVE-2017-12691) VUL-0: CVE-2017-12691: ImageMagick: The ReadOneLayer function in coders/xcf.c in ImageMagick 7.0.6-6 allows remoteattackers to cause a denial of service (memory consumption) via a crafted file.

(CVE-2017-12691)
Summary:	VUL-0: CVE-2017-12691: ImageMagick: The ReadOneLayer function in coders/xcf.c...

Status:	RESOLVED FIXED

Classification:	Novell Products
Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents
Version:	unspecified
Hardware:	Other Other

Priority:	P3 - Medium Severity: Major
Target Milestone:	---
Assigned To:	Security Team bot
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/200688/
Whiteboard:	CVSSv2:NVD:CVE-2017-12691:7.1:(AV:N/A...
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Create test case

Clone This Bug

Reported:	2018-02-22 16:59 UTC by Victor Pereira
Modified:	2018-12-01 07:46 UTC (History)
CC List:	1 user (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Victor Pereira 2018-02-22 16:59:31 UTC

CVE-2017-12691

The ReadOneLayer function in coders/xcf.c in ImageMagick 7.0.6-6 allows remote
attackers to cause a denial of service (memory consumption) via a crafted file.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-12691
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12691

Comment 1 Petr Gajdos 2018-02-26 09:22:55 UTC

Info from RH bug.

Upstream bug:

https://github.com/ImageMagick/ImageMagick/issues/656

Upstream patch:

https://github.com/ImageMagick/ImageMagick/commit/68bbe7b8b226ed79e339296793f68f1b2bebc519

References:

https://bugs.gentoo.org/show_bug.cgi?id=629576

Comment 2 Petr Gajdos 2018-02-26 12:05:12 UTC

This is already solved via bug 1058422. I will just update rpm change logs (adding this bug number).

Comment 3 Petr Gajdos 2018-02-26 12:09:32 UTC

12/ImageMagick

$ valgrind -q convert oom-ReadOneLayer /dev/null
convert: memory allocation failed `oom-ReadOneLayer' @ error/xcf.c/ReadXCFImage/1356.
convert: no images defined `/dev/null' @ error/convert.c/ConvertImageCommand/3149.
$

11/ImageMagick

$ valgrind -q convert oom-ReadOneLayer /dev/null
convert: Memory allocation failed `oom-ReadOneLayer'.
convert: missing an image filename `/dev/null'.
$

11/GraphicsMagick

$ valgrind -q gm convert oom-ReadOneLayer /dev/null
gm convert: Request did not return an image.
$

No issues observed.

Comment 4 Petr Gajdos 2018-02-26 12:11:39 UTC

The rpm changelog amended for: 12/ImageMagick, 11/ImageMagick and 11/GraphicsMagick.

Comment 5 Petr Gajdos 2018-02-28 14:58:12 UTC

I believe all fixed.

Comment 6 Marcus Meissner 2018-05-18 15:45:30 UTC

done