First Last Prev Next    This bug is not in your last search results.
Bug 1060382 - (CVE-2017-14739) VUL-2: CVE-2017-14739: ImageMagick: The AcquireResampleFilterThreadSet function in magick/resample-private.h NULL pointer dereference could lead to denial of service
(CVE-2017-14739)
VUL-2: CVE-2017-14739: ImageMagick: The AcquireResampleFilterThreadSet functi...
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/192500/
CVSSv2:NVD:CVE-2017-14739:5.0:(AV:N/A...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2017-09-26 08:42 UTC by Victor Pereira
Modified: 2018-04-06 22:38 UTC (History)
3 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Victor Pereira 2017-09-26 08:42:31 UTC 
CVE-2017-14739

The AcquireResampleFilterThreadSet function in magick/resample-private.h in
ImageMagick 7.0.7-4 mishandles failed memory allocation, which allows remote
attackers to cause a denial of service (NULL Pointer Dereference in DistortImage
in MagickCore/distort.c, and application crash) via unspecified vectors.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-14739
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14739
https://github.com/ImageMagick/ImageMagick/issues/780
Comment 1 Marcus Meissner 2017-09-29 13:04:38 UTC 
NULL ptr dereference as controled abort. deferable
Comment 2 Petr Gajdos 2018-03-05 17:23:28 UTC 
No testcase.

PATCH

https://github.com/ImageMagick/ImageMagick/commit/700fcf95b2c3f554dfbe75833b91f19dde208089
(fixed by throwing fatal error at oom)
https://github.com/ImageMagick/ImageMagick/commit/67a633df9386704f45d1ad24f7f5af8a5d11f4a3
(but, AcquireResampleFilter() can not return NULL, also throws fatal error at oom)

12/ImageMagick: code present
11/ImageMagick: code not found: AcquireResampleFilterThreadSet() static on several places, but has the fatal error
11/GraphicsMagick: code not found, another mechanism
42.3/GraphicsMagick: code not found, another mechanism
Comment 3 Petr Gajdos 2018-03-05 17:23:58 UTC 
Will submit for 12/ImageMagick.
Comment 4 Petr Gajdos 2018-03-05 19:25:27 UTC 
I believe all fixed.
Comment 10 Swamp Workflow Management 2018-04-03 13:08:38 UTC 
SUSE-SU-2018:0857-1: An update that fixes 17 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1043290,1050087,1056434,1058630,1059735,1060382,1066168,1066170,1082283,1082291,1082348,1082362,1082792,1082837,1083628,1083634,1086011
CVE References: CVE-2017-11524,CVE-2017-12692,CVE-2017-12693,CVE-2017-13768,CVE-2017-14314,CVE-2017-14505,CVE-2017-14739,CVE-2017-15016,CVE-2017-15017,CVE-2017-16352,CVE-2017-16353,CVE-2017-18209,CVE-2017-18211,CVE-2017-9500,CVE-2018-7443,CVE-2018-7470,CVE-2018-8804
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP3 (src):    ImageMagick-6.8.8.1-71.47.1
SUSE Linux Enterprise Workstation Extension 12-SP2 (src):    ImageMagick-6.8.8.1-71.47.1
SUSE Linux Enterprise Software Development Kit 12-SP3 (src):    ImageMagick-6.8.8.1-71.47.1
SUSE Linux Enterprise Software Development Kit 12-SP2 (src):    ImageMagick-6.8.8.1-71.47.1
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (src):    ImageMagick-6.8.8.1-71.47.1
SUSE Linux Enterprise Server 12-SP3 (src):    ImageMagick-6.8.8.1-71.47.1
SUSE Linux Enterprise Server 12-SP2 (src):    ImageMagick-6.8.8.1-71.47.1
SUSE Linux Enterprise Desktop 12-SP3 (src):    ImageMagick-6.8.8.1-71.47.1
SUSE Linux Enterprise Desktop 12-SP2 (src):    ImageMagick-6.8.8.1-71.47.1
Comment 11 Andreas Stieger 2018-04-06 16:54:28 UTC 
releasing for Leap, closing as done
Comment 12 Swamp Workflow Management 2018-04-06 22:08:22 UTC 
openSUSE-SU-2018:0893-1: An update that fixes 17 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1043290,1050087,1056434,1058630,1059735,1060382,1066168,1066170,1082283,1082291,1082348,1082362,1082792,1082837,1083628,1083634,1086011
CVE References: CVE-2017-11524,CVE-2017-12692,CVE-2017-12693,CVE-2017-13768,CVE-2017-14314,CVE-2017-14505,CVE-2017-14739,CVE-2017-15016,CVE-2017-15017,CVE-2017-16352,CVE-2017-16353,CVE-2017-18209,CVE-2017-18211,CVE-2017-9500,CVE-2018-7443,CVE-2018-7470,CVE-2018-8804
Sources used:
openSUSE Leap 42.3 (src):    ImageMagick-6.8.8.1-58.1
First Last Prev Next    This bug is not in your last search results.