Bugzilla – Bug 1058637
VUL-0: CVE-2017-14341: GraphicsMagick,ImageMagick: Infinite loop in the ReadWPGImage function
Last modified: 2018-02-12 08:36:25 UTC
When MISP before 2.4.80 is configured with X.509 certificate authentication (CertAuth) in conjunction with a non-MISP external user management ReST API, if an external user provides X.509 certificate authentication and this API returns an empty value, the unauthenticated user can be granted access as an arbitrary user. References: https://bugzilla.redhat.com/show_bug.cgi?id=1491262 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-14341 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-14337 http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-14341.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14337 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14341 https://github.com/ImageMagick/ImageMagick/issues/654 https://github.com/MISP/MISP/commit/be111a470204a974c50682054c9c7d4b94396ed9 https://github.com/ImageMagick/ImageMagick/commit/4eae304e773bad8a876c3c26fdffac24d4253ae4
ImageMagick 7.0.6-6 has a large loop vulnerability in ReadWPGImage in coders/wpg.c, causing CPU exhaustion via a crafted wpg image file. (The MISP CVE should not be in here.) CPU usage dos and 2^32 temporary file disk filling DOS.
This is CVE-2017-14341
BEFORE Testing with testcase in upstream bug, we are affected everywhere. For example, with GraphicsMagick hg head: $ gm identify cpu-ReadWPGImage [cpu 100%] And: $ du -hs /tmp/gmT02ZHX 554M /tmp/gmT02ZHX $ du -hs /tmp/gmT02ZHX 565M /tmp/gmT02ZHX $ du -hs /tmp/gmT02ZHX 573M /tmp/gmT02ZHX $ du -hs /tmp/gmT02ZHX 582M /tmp/gmT02ZHX $ PATCH https://github.com/ImageMagick/ImageMagick/commit/4eae304e773bad8a876c3c26fdffac24d4253ae4 AFTER (e. g. 11/ImageMagick) $ identify cpu-ReadWPGImage identify: Improper image header `cpu-ReadWPGImage'. $ GraphicsMagick upstream notified and fix committed. Will submit for: 12/ImageMagick, 11/ImageMagick, 11/GraphicsMagick, 42.2 GraphicsMagick, 42.3/GraphicsMagick
I believe all fixed.
This is an autogenerated message for OBS integration: This bug (1058637) was mentioned in https://build.opensuse.org/request/show/545153 42.3 / GraphicsMagick https://build.opensuse.org/request/show/545154 42.2 / GraphicsMagick
This is an autogenerated message for OBS integration: This bug (1058637) was mentioned in https://build.opensuse.org/request/show/547065 42.3 / GraphicsMagick https://build.opensuse.org/request/show/547066 42.2 / GraphicsMagick
openSUSE-SU-2017:3223-1: An update that fixes 7 vulnerabilities is now available. Category: security (important) Bug References: 1050632,1056162,1058485,1058637,1067181,1067184,1067409 CVE References: CVE-2017-11640,CVE-2017-13737,CVE-2017-14341,CVE-2017-14342,CVE-2017-16545,CVE-2017-16546,CVE-2017-16669 Sources used: openSUSE Leap 42.3 (src): GraphicsMagick-1.3.25-44.1 openSUSE Leap 42.2 (src): GraphicsMagick-1.3.25-11.44.1
SUSE-SU-2017:3378-1: An update that fixes 26 vulnerabilities is now available. Category: security (important) Bug References: 1048457,1049796,1050116,1050139,1050632,1051441,1051847,1052450,1052553,1052689,1052758,1052764,1054757,1055214,1056432,1057719,1057729,1057730,1058485,1058637,1059666,1059778,1060577,1066003,1067181,1067184 CVE References: CVE-2017-11188,CVE-2017-11478,CVE-2017-11527,CVE-2017-11535,CVE-2017-11640,CVE-2017-11752,CVE-2017-12140,CVE-2017-12435,CVE-2017-12587,CVE-2017-12644,CVE-2017-12662,CVE-2017-12669,CVE-2017-12983,CVE-2017-13134,CVE-2017-13769,CVE-2017-14172,CVE-2017-14173,CVE-2017-14175,CVE-2017-14341,CVE-2017-14342,CVE-2017-14531,CVE-2017-14607,CVE-2017-14733,CVE-2017-15930,CVE-2017-16545,CVE-2017-16546 Sources used: SUSE Linux Enterprise Software Development Kit 11-SP4 (src): ImageMagick-6.4.3.6-7.78.14.1 SUSE Linux Enterprise Server 11-SP4 (src): ImageMagick-6.4.3.6-7.78.14.1 SUSE Linux Enterprise Debuginfo 11-SP4 (src): ImageMagick-6.4.3.6-7.78.14.1
SUSE-SU-2017:3388-1: An update that solves 32 vulnerabilities and has one errata is now available. Category: security (important) Bug References: 1048457,1049796,1050083,1050116,1050139,1050632,1051441,1051847,1052450,1052553,1052689,1052744,1052758,1052764,1054757,1055214,1056432,1057157,1057719,1057729,1057730,1058485,1058637,1059666,1059778,1060176,1060577,1061254,1062750,1066003,1067181,1067184,1067409 CVE References: CVE-2017-11188,CVE-2017-11478,CVE-2017-11523,CVE-2017-11527,CVE-2017-11535,CVE-2017-11640,CVE-2017-11752,CVE-2017-12140,CVE-2017-12435,CVE-2017-12587,CVE-2017-12644,CVE-2017-12662,CVE-2017-12669,CVE-2017-12983,CVE-2017-13134,CVE-2017-13769,CVE-2017-14138,CVE-2017-14172,CVE-2017-14173,CVE-2017-14175,CVE-2017-14341,CVE-2017-14342,CVE-2017-14531,CVE-2017-14607,CVE-2017-14682,CVE-2017-14733,CVE-2017-14989,CVE-2017-15217,CVE-2017-15930,CVE-2017-16545,CVE-2017-16546,CVE-2017-16669 Sources used: SUSE Linux Enterprise Workstation Extension 12-SP3 (src): ImageMagick-6.8.8.1-71.17.1 SUSE Linux Enterprise Workstation Extension 12-SP2 (src): ImageMagick-6.8.8.1-71.17.1 SUSE Linux Enterprise Software Development Kit 12-SP3 (src): ImageMagick-6.8.8.1-71.17.1 SUSE Linux Enterprise Software Development Kit 12-SP2 (src): ImageMagick-6.8.8.1-71.17.1 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (src): ImageMagick-6.8.8.1-71.17.1 SUSE Linux Enterprise Server 12-SP3 (src): ImageMagick-6.8.8.1-71.17.1 SUSE Linux Enterprise Server 12-SP2 (src): ImageMagick-6.8.8.1-71.17.1 SUSE Linux Enterprise Desktop 12-SP3 (src): ImageMagick-6.8.8.1-71.17.1 SUSE Linux Enterprise Desktop 12-SP2 (src): ImageMagick-6.8.8.1-71.17.1
openSUSE-SU-2017:3420-1: An update that solves 32 vulnerabilities and has one errata is now available. Category: security (important) Bug References: 1048457,1049796,1050083,1050116,1050139,1050632,1051441,1051847,1052450,1052553,1052689,1052744,1052758,1052764,1054757,1055214,1056432,1057157,1057719,1057729,1057730,1058485,1058637,1059666,1059778,1060176,1060577,1061254,1062750,1066003,1067181,1067184,1067409 CVE References: CVE-2017-11188,CVE-2017-11478,CVE-2017-11523,CVE-2017-11527,CVE-2017-11535,CVE-2017-11640,CVE-2017-11752,CVE-2017-12140,CVE-2017-12435,CVE-2017-12587,CVE-2017-12644,CVE-2017-12662,CVE-2017-12669,CVE-2017-12983,CVE-2017-13134,CVE-2017-13769,CVE-2017-14138,CVE-2017-14172,CVE-2017-14173,CVE-2017-14175,CVE-2017-14341,CVE-2017-14342,CVE-2017-14531,CVE-2017-14607,CVE-2017-14682,CVE-2017-14733,CVE-2017-14989,CVE-2017-15217,CVE-2017-15930,CVE-2017-16545,CVE-2017-16546,CVE-2017-16669 Sources used: openSUSE Leap 42.3 (src): ImageMagick-6.8.8.1-40.1 openSUSE Leap 42.2 (src): ImageMagick-6.8.8.1-30.12.1
SUSE-SU-2017:3435-1: An update that fixes 14 vulnerabilities is now available. Category: security (important) Bug References: 1050632,1052450,1054757,1055214,1056426,1056429,1057508,1058485,1058637,1066003,1067181,1067184,1067409 CVE References: CVE-2016-7996,CVE-2017-11640,CVE-2017-12587,CVE-2017-12983,CVE-2017-13134,CVE-2017-13776,CVE-2017-13777,CVE-2017-14165,CVE-2017-14341,CVE-2017-14342,CVE-2017-15930,CVE-2017-16545,CVE-2017-16546,CVE-2017-16669 Sources used: SUSE Studio Onsite 1.3 (src): GraphicsMagick-1.2.5-4.78.19.1 SUSE Linux Enterprise Software Development Kit 11-SP4 (src): GraphicsMagick-1.2.5-4.78.19.1 SUSE Linux Enterprise Debuginfo 11-SP4 (src): GraphicsMagick-1.2.5-4.78.19.1
released