Bugzilla – Bug 1140669
VUL-0: CVE-2019-13300: ImageMagick: heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages
Last modified: 2019-08-28 15:05:48 UTC
CVE-2019-13300 ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns. Upstream issue: https://github.com/ImageMagick/ImageMagick/issues/1586 Upstream fix: https://github.com/ImageMagick/ImageMagick/commit/a906fe9298bf89e01d5272023db687935068849a https://github.com/ImageMagick/ImageMagick6/commit/5e409ae7a389cdf2ed17469303be3f3f21cec450 References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-13300 http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-13300.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300
BEFORE 15/ImageMagick $ magick "-black-point-compensation" "-interlace" "none" "(" "magick:rose" "-density" "302x531" ")" "(" "magick:granite" "+repage" ")" "-antialias" "-evaluate-sequence" "Log" "" > /dev/null magick: MagickCore/cache.c:2441: GetPixelCacheVirtualMethod: Assertion `image->cache != (Cache) NULL' failed. Aborted (core dumped) $ 12/ImageMagick $ convert "-black-point-compensation" "-interlace" "none" "(" "magick:rose" "-density" "302x531" ")" "(" "magick:granite" "+repage" ")" "-antialias" "-evaluate-sequence" "Log" "" > /dev/null Aborted (core dumped) $ 11/ImageMagick $ convert "-black-point-compensation" "-interlace" "none" "(" "magick:rose" "-density" "302x531" ")" "(" "magick:granite" "+repage" ")" "-antialias" "-evaluate-sequence" "Log" "" > /dev/null convert: unrecognized option `-evaluate-sequence'. $ [testcase not applicable] PATCH referenced in comment 0 + ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/2116be83bbcdf92ac0b69b610a986218d9c6a316 11/ImageMagick: no AcquirePixelThreadSet() code found AFTER 15/ImageMagick $ magick "-black-point-compensation" "-interlace" "none" "(" "magick:rose" "-density" "302x531" ")" "(" "magick:granite" "+repage" ")" "-antialias" "-evaluate-sequence" "Log" "" > /dev/null $ 12/ImageMagick $ convert "-black-point-compensation" "-interlace" "none" "(" "magick:rose" "-density" "302x531" ")" "(" "magick:granite" "+repage" ")" "-antialias" "-evaluate-sequence" "Log" "" > /dev/null $
Will submit for 15,12/ImageMagick.
I believe all fixed.
SUSE-SU-2019:2010-1: An update that fixes 18 vulnerabilities is now available. Category: security (moderate) Bug References: 1139885,1139886,1140100,1140102,1140103,1140106,1140110,1140111,1140501,1140513,1140534,1140538,1140554,1140664,1140666,1140669,1140673,1141171 CVE References: CVE-2019-12974,CVE-2019-12975,CVE-2019-12976,CVE-2019-12978,CVE-2019-12979,CVE-2019-13133,CVE-2019-13134,CVE-2019-13135,CVE-2019-13295,CVE-2019-13297,CVE-2019-13300,CVE-2019-13301,CVE-2019-13307,CVE-2019-13308,CVE-2019-13310,CVE-2019-13311,CVE-2019-13391,CVE-2019-13454 Sources used: SUSE Linux Enterprise Workstation Extension 12-SP4 (src): ImageMagick-6.8.8.1-71.126.1 SUSE Linux Enterprise Software Development Kit 12-SP4 (src): ImageMagick-6.8.8.1-71.126.1 SUSE Linux Enterprise Server 12-SP4 (src): ImageMagick-6.8.8.1-71.126.1 SUSE Linux Enterprise Desktop 12-SP4 (src): ImageMagick-6.8.8.1-71.126.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2019:2106-1: An update that fixes 30 vulnerabilities is now available. Category: security (moderate) Bug References: 1139884,1139885,1139886,1140100,1140102,1140103,1140104,1140105,1140106,1140110,1140111,1140501,1140513,1140520,1140534,1140538,1140543,1140545,1140547,1140549,1140552,1140554,1140664,1140665,1140666,1140667,1140668,1140669,1140673,1141171 CVE References: CVE-2019-12974,CVE-2019-12975,CVE-2019-12976,CVE-2019-12977,CVE-2019-12978,CVE-2019-12979,CVE-2019-13133,CVE-2019-13134,CVE-2019-13135,CVE-2019-13136,CVE-2019-13137,CVE-2019-13295,CVE-2019-13296,CVE-2019-13297,CVE-2019-13298,CVE-2019-13299,CVE-2019-13300,CVE-2019-13301,CVE-2019-13302,CVE-2019-13303,CVE-2019-13304,CVE-2019-13305,CVE-2019-13306,CVE-2019-13307,CVE-2019-13308,CVE-2019-13309,CVE-2019-13310,CVE-2019-13311,CVE-2019-13391,CVE-2019-13454 Sources used: SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src): ImageMagick-7.0.7.34-3.67.1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (src): ImageMagick-7.0.7.34-3.67.1 SUSE Linux Enterprise Module for Development Tools 15-SP1 (src): ImageMagick-7.0.7.34-3.67.1 SUSE Linux Enterprise Module for Development Tools 15 (src): ImageMagick-7.0.7.34-3.67.1 SUSE Linux Enterprise Module for Desktop Applications 15-SP1 (src): ImageMagick-7.0.7.34-3.67.1 SUSE Linux Enterprise Module for Desktop Applications 15 (src): ImageMagick-7.0.7.34-3.67.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
openSUSE-SU-2019:1983-1: An update that fixes 30 vulnerabilities is now available. Category: security (moderate) Bug References: 1139884,1139885,1139886,1140100,1140102,1140103,1140104,1140105,1140106,1140110,1140111,1140501,1140513,1140520,1140534,1140538,1140543,1140545,1140547,1140549,1140552,1140554,1140664,1140665,1140666,1140667,1140668,1140669,1140673,1141171 CVE References: CVE-2019-12974,CVE-2019-12975,CVE-2019-12976,CVE-2019-12977,CVE-2019-12978,CVE-2019-12979,CVE-2019-13133,CVE-2019-13134,CVE-2019-13135,CVE-2019-13136,CVE-2019-13137,CVE-2019-13295,CVE-2019-13296,CVE-2019-13297,CVE-2019-13298,CVE-2019-13299,CVE-2019-13300,CVE-2019-13301,CVE-2019-13302,CVE-2019-13303,CVE-2019-13304,CVE-2019-13305,CVE-2019-13306,CVE-2019-13307,CVE-2019-13308,CVE-2019-13309,CVE-2019-13310,CVE-2019-13311,CVE-2019-13391,CVE-2019-13454 Sources used: openSUSE Leap 15.1 (src): ImageMagick-7.0.7.34-lp151.7.9.1 openSUSE Leap 15.0 (src): ImageMagick-7.0.7.34-lp150.2.38.1
released