Bug 1153868 - (CVE-2019-17547) VUL-0: CVE-2019-17547: ImageMagick: use-after-free in TraceBezier in MagickCore/draw.c
(CVE-2019-17547)
VUL-0: CVE-2019-17547: ImageMagick: use-after-free in TraceBezier in MagickCo...
Status: RESOLVED INVALID
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/244838/
CVSSv3:SUSE:CVE-2019-17547:5.9:(AV:L/...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2019-10-14 07:08 UTC by Alexander Bergmann
Modified: 2022-01-07 12:15 UTC (History)
3 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Comment 1 Petr Gajdos 2019-10-15 14:36:16 UTC
In older code streams, the code is different:

patched code:

  control_points=quantum*number_coordinates;
  if (CheckPrimitiveExtent(mvg_info,control_points+1) == MagickFalse)
    {
      points=(PointInfo *) RelinquishMagickMemory(points);
      coefficients=(double *) RelinquishMagickMemory(coefficients);
      return(MagickFalse);
    }
+ primitive_info=(*mvg_info->primitive_info)+mvg_info->offset;

15/ImageMagick

  if (CheckPrimitiveExtent(mvg_info,control_points+1) != MagickFalse)
    primitive_info=(*mvg_info->primitive_info)+mvg_info->offset;

Considering older code streams unaffected by this CVE. In case of any doubts, feel free to reopen with an explanation and a reproducer.
Comment 3 Alexander Bergmann 2022-01-07 12:15:28 UTC
Closing as Not Affected.