Bug 1055437 - (CVE-2017-13144) VUL-2: CVE-2017-13144: GraphicsMagick,ImageMagick: In ImageMagick before 6.9.7-10, there is a crash (rather than a "widthor height exceeds limit" error report) if the image dimensions are toolarge, as demonstrated by use of the mpc coder.
(CVE-2017-13144)
VUL-2: CVE-2017-13144: GraphicsMagick,ImageMagick: In ImageMagick before 6.9....
Status: NEW
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Marcus Meissner
Security Team bot
https://smash.suse.de/issue/190919/
CVSSv2:NVD:CVE-2017-13144:4.3:(AV:N/...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2017-08-24 07:31 UTC by Marcus Meissner
Modified: 2018-01-05 00:34 UTC (History)
1 user (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments
pic.jpg (101.37 KB, application/octet-stream)
2017-08-24 07:33 UTC, Marcus Meissner
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Marcus Meissner 2017-08-24 07:31:49 UTC
CVE-2017-13144

In ImageMagick before 6.9.7-10, there is a crash (rather than a "width
or height exceeds limit" error report) if the image dimensions are too
large, as demonstrated by use of the mpc coder.

https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=31438
Comment 1 Marcus Meissner 2017-08-24 07:33:16 UTC
Created attachment 738137 [details]
pic.jpg

QA REPRODUCER:

ImageMAgick:
identify pic.jpg

GraphicsMagick:
gm identify pic.jpg

should show (GOOD):
pic.jpg JPEG 624x28281+0+0 PseudoClass 256c 8-bit 101.4Ki 0.000u 0m:0.000006s

BAD would be an error message.
Comment 2 Marcus Meissner 2017-08-24 07:33:44 UTC
i tried sle11 ImageMagick and GraphicsMagick, sle12 ImageMagick and also factory.

none triggered the error message.
Comment 3 Petr Gajdos 2018-01-05 00:34:50 UTC
The error message is GOOD as long as the size of the image or size of memory to be used is limited via policy.xml.

Marcus, please read the upstream issue referenced in comment 0 and tell me what is actually the security issue.

What I see from there is just an error message missing.