First Last Prev Next    This bug is not in your last search results.
Bug 1082362 - (CVE-2017-12692) VUL-0: CVE-2017-12692: ImageMagick: The ReadVIFFImage function in coders/viff.c in ImageMagick 7.0.6-6 allows remoteattackers to cause a denial of service (memory consumption) via a crafted VIFFfile.
(CVE-2017-12692)
VUL-0: CVE-2017-12692: ImageMagick: The ReadVIFFImage function in coders/viff...
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Major
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/200687/
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2018-02-22 16:56 UTC by Victor Pereira
Modified: 2018-04-06 22:41 UTC (History)
1 user (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Victor Pereira 2018-02-22 16:56:05 UTC 
CVE-2017-12692

The ReadVIFFImage function in coders/viff.c in ImageMagick 7.0.6-6 allows remote
attackers to cause a denial of service (memory consumption) via a crafted VIFF
file.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-12692
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12692
Comment 2 Petr Gajdos 2018-02-26 11:14:35 UTC 
12/ImageMagick

$ time convert oom-ReadVIFFImage1 /dev/null
convert: unexpected end-of-file `oom-ReadVIFFImage1': No such file or directory @ error/viff.c/ReadVIFFImage/752.

real	0m14.502s
user	0m12.404s
sys	0m1.676s
$
[cpu nearly 100%, 3/4 of memory]

11/ImageMagick

$ time convert oom-ReadVIFFImage1 /dev/null
convert: Unexpected end-of-file `oom-ReadVIFFImage1': No such file or directory.

real	0m15.032s
user	0m11.929s
sys	0m2.284s
$
[cpu 100%, 1/2 of memory]

11/GraphicsMagick

$ time  gm convert oom-ReadVIFFImage1 /dev/null
gm convert: Insufficient image data in file (oom-ReadVIFFImage1).

real	0m0.005s
user	0m0.000s
sys	0m0.004s
$

42.3/GraphicsMagick

$ time gm convert oom-ReadVIFFImage1 /dev/null
gm convert: Insufficient image data in file (oom-ReadVIFFImage1).

real	0m0.004s
user	0m0.000s
sys	0m0.003s
$

PATCH

ImageMagick: see comment 1
GraphicsMagick: already solved via 1017322

AFTER

12/ImageMagick

$ time convert oom-ReadVIFFImage1 /dev/null
082362: improper image header `oom-ReadVIFFImage1' @ error/viff.c/ReadVIFFImage/531.
082362: no images defined `/dev/null' @ error/convert.c/ConvertImageCommand/3149.

real	0m0.007s
user	0m0.007s
sys	0m0.000s
$

11/ImageMagick

$ time convert oom-ReadVIFFImage1 /dev/null
convert: Improper image header `oom-ReadVIFFImage1'.
convert: missing an image filename `/dev/null'.

real	0m0.014s
user	0m0.009s
sys	0m0.005s
$
Comment 3 Petr Gajdos 2018-02-26 11:14:54 UTC 
Will submit for: 12/ImageMagick and 11/ImageMagick
Comment 4 Petr Gajdos 2018-02-28 14:58:13 UTC 
I believe all fixed.
Comment 8 Swamp Workflow Management 2018-04-03 13:09:24 UTC 
SUSE-SU-2018:0857-1: An update that fixes 17 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1043290,1050087,1056434,1058630,1059735,1060382,1066168,1066170,1082283,1082291,1082348,1082362,1082792,1082837,1083628,1083634,1086011
CVE References: CVE-2017-11524,CVE-2017-12692,CVE-2017-12693,CVE-2017-13768,CVE-2017-14314,CVE-2017-14505,CVE-2017-14739,CVE-2017-15016,CVE-2017-15017,CVE-2017-16352,CVE-2017-16353,CVE-2017-18209,CVE-2017-18211,CVE-2017-9500,CVE-2018-7443,CVE-2018-7470,CVE-2018-8804
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP3 (src):    ImageMagick-6.8.8.1-71.47.1
SUSE Linux Enterprise Workstation Extension 12-SP2 (src):    ImageMagick-6.8.8.1-71.47.1
SUSE Linux Enterprise Software Development Kit 12-SP3 (src):    ImageMagick-6.8.8.1-71.47.1
SUSE Linux Enterprise Software Development Kit 12-SP2 (src):    ImageMagick-6.8.8.1-71.47.1
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (src):    ImageMagick-6.8.8.1-71.47.1
SUSE Linux Enterprise Server 12-SP3 (src):    ImageMagick-6.8.8.1-71.47.1
SUSE Linux Enterprise Server 12-SP2 (src):    ImageMagick-6.8.8.1-71.47.1
SUSE Linux Enterprise Desktop 12-SP3 (src):    ImageMagick-6.8.8.1-71.47.1
SUSE Linux Enterprise Desktop 12-SP2 (src):    ImageMagick-6.8.8.1-71.47.1
Comment 9 Swamp Workflow Management 2018-04-05 19:12:37 UTC 
SUSE-SU-2018:0880-1: An update that fixes 16 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1043290,1050087,1056434,1058630,1059735,1066168,1066170,1082283,1082291,1082348,1082362,1082792,1084060,1086011
CVE References: CVE-2017-11524,CVE-2017-12691,CVE-2017-12692,CVE-2017-12693,CVE-2017-13768,CVE-2017-14314,CVE-2017-14343,CVE-2017-14505,CVE-2017-15016,CVE-2017-15017,CVE-2017-16352,CVE-2017-16353,CVE-2017-18219,CVE-2017-9500,CVE-2018-7443,CVE-2018-8804
Sources used:
SUSE Linux Enterprise Software Development Kit 11-SP4 (src):    ImageMagick-6.4.3.6-78.40.1
SUSE Linux Enterprise Server 11-SP4 (src):    ImageMagick-6.4.3.6-78.40.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    ImageMagick-6.4.3.6-78.40.1
Comment 10 Andreas Stieger 2018-04-06 16:54:42 UTC 
releasing for Leap, closing as done
Comment 11 Swamp Workflow Management 2018-04-06 22:09:07 UTC 
openSUSE-SU-2018:0893-1: An update that fixes 17 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1043290,1050087,1056434,1058630,1059735,1060382,1066168,1066170,1082283,1082291,1082348,1082362,1082792,1082837,1083628,1083634,1086011
CVE References: CVE-2017-11524,CVE-2017-12692,CVE-2017-12693,CVE-2017-13768,CVE-2017-14314,CVE-2017-14505,CVE-2017-14739,CVE-2017-15016,CVE-2017-15017,CVE-2017-16352,CVE-2017-16353,CVE-2017-18209,CVE-2017-18211,CVE-2017-9500,CVE-2018-7443,CVE-2018-7470,CVE-2018-8804
Sources used:
openSUSE Leap 42.3 (src):    ImageMagick-6.8.8.1-58.1
First Last Prev Next    This bug is not in your last search results.