imagemagick: CVE-2017-12666

Related Vulnerabilities: CVE-2017-12666   CVE-2017-11752   CVE-2017-11751   CVE-2017-11750  

Debian Bug report logs - #870482

Reported by: Bastien ROUCARIES <roucaries.bastien@gmail.com>

Date: Wed, 2 Aug 2017 13:48:02 UTC

Severity: important

Tags: security, upstream

Found in versions imagemagick/8:6.9.7.4+dfsg-15, imagemagick/8:6.7.7.10-5+deb7u14, imagemagick/8:6.7.7.10-5+deb9u1, imagemagick/8:6.8.9.9-5+deb8u9, imagemagick/8:6.8.9.9-5+deb8u8

Fixed in version imagemagick/8:6.9.7.4+dfsg-16

Done: Bastien Roucariès <rouca@debian.org>

Bug is archived. No further changes may be made.

Forwarded to https://github.com/ImageMagick/ImageMagick/issues/572


Report forwarded to debian-bugs-dist@lists.debian.org, team@security.debian.org, ImageMagick Packaging Team <pkg-gmagick-im-team@lists.alioth.debian.org>:
Bug#870482; Package src:imagemagick. (Wed, 02 Aug 2017 13:48:04 GMT)


Acknowledgement sent to Bastien ROUCARIES <roucaries.bastien@gmail.com>:
New Bug report received and forwarded. Copy sent to team@security.debian.org, ImageMagick Packaging Team <pkg-gmagick-im-team@lists.alioth.debian.org>. (Wed, 02 Aug 2017 13:48:04 GMT)


Message #5 received at submit@bugs.debian.org:

From: Bastien ROUCARIES <roucaries.bastien@gmail.com>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: memory leak in WriteINLINEImage
Date: Wed, 2 Aug 2017 15:45:14 +0200
Source: imagemagick
Version: 8:6.9.7.4+dfsg-15
Severity: important
Tags: security upstream
X-Debbugs-CC: team@security.debian.org
control: found -1 8:6.8.9.9-5+deb8u8
control: found -1 8:6.8.9.9-5+deb8u9
control: found -1 8:6.7.7.10-5+deb7u14
control: found -1 8:6.7.7.10-5+deb9u1
forwarded: https://github.com/ImageMagick/ImageMagick/issues/572


Version: ImageMagick 7.0.6-2 Q16 x86_64

./magick convert $FILE  out.inline

=================================================================
==2302==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 13024 byte(s) in 1 object(s) allocated from:
    #0 0x4deeb6 in __interceptor_malloc asan_malloc_linux.cc:66
    #1 0x7fe8406e0186 in AcquireMagickMemory memory.c:464:10
    #2 0x7fe8406907c3 in AcquireImageInfo image.c:347:28
    #3 0x7fe840699933 in CloneImageInfo image.c:952:14
    #4 0x7fe840aa7aa3 in WriteINLINEImage inline.c:312:14
    #5 0x7fe8404bfced in WriteImage constitute.c:1183:22
    #6 0x7fe8404c05fd in WriteImages constitute.c:1333:13
    #7 0x7fe83fb6b900 in ConvertImageCommand convert.c:3280:11
    #8 0x7fe83fcba0cf in MagickCommandGenesis mogrify.c:183:14
    #9 0x514a37 in MagickMain magick.c:149:10
    #10 0x514491 in main magick.c:180:10
    #11 0x7fe83a4f7f44 in __libc_start_main libc-start.c:287

POC: https://github.com/jgj212/poc/blob/master/leak-WriteINLINEImage

Credit : ADLab of Venustech
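
Added example (not part of the original report or of ImageMagick): a small parser for symbolized LeakSanitizer output like the trace above, which attributes each leak to the first frame that is not an allocation helper so that findings can be bucketed per function. The helper-name set and all function names in the script are assumptions made for this illustration.

```python
import re
from collections import defaultdict

# Excerpt of the LeakSanitizer output quoted in the report (frames #0-#4).
REPORT = """\
==2302==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 13024 byte(s) in 1 object(s) allocated from:
    #0 0x4deeb6 in __interceptor_malloc asan_malloc_linux.cc:66
    #1 0x7fe8406e0186 in AcquireMagickMemory memory.c:464:10
    #2 0x7fe8406907c3 in AcquireImageInfo image.c:347:28
    #3 0x7fe840699933 in CloneImageInfo image.c:952:14
    #4 0x7fe840aa7aa3 in WriteINLINEImage inline.c:312:14
"""

# Assumption: these frames are generic allocation helpers, so a leak is
# attributed to their first caller. Tune this set per code base.
ALLOC_HELPERS = {"__interceptor_malloc", "AcquireMagickMemory",
                 "AcquireImageInfo", "CloneImageInfo"}

LEAK_RE = re.compile(r"^(Direct|Indirect) leak of (\d+) byte\(s\) in (\d+) object\(s\)")
FRAME_RE = re.compile(r"^\s*#(\d+) 0x[0-9a-f]+ in (\S+) (\S+?)(?::(\d+))?(?::\d+)?$")

def parse_leaks(text):
    """Return one dict per leak record: kind, bytes, objects, frames."""
    leaks = []
    for line in text.splitlines():
        if m := LEAK_RE.match(line):
            leaks.append({"kind": m.group(1), "bytes": int(m.group(2)),
                          "objects": int(m.group(3)), "frames": []})
        elif leaks and (f := FRAME_RE.match(line)):
            # (function, source file, line number) of a symbolized frame
            leaks[-1]["frames"].append((f.group(2), f.group(3), f.group(4)))
    return leaks

def owner(leak):
    """First frame outside ALLOC_HELPERS: the code that owns the leaked object."""
    for func, src, lineno in leak["frames"]:
        if func not in ALLOC_HELPERS:
            return f"{func} ({src}:{lineno})"
    return "unknown"

def bytes_by_owner(text):
    """Total leaked bytes per owning function, for de-duplicating findings."""
    totals = defaultdict(int)
    for leak in parse_leaks(text):
        totals[owner(leak)] += leak["bytes"]
    return dict(totals)
```

For the trace in this report the leak is bucketed under WriteINLINEImage, matching the original bug title; unsymbolized frames (module+offset form) are not matched by the frame pattern and are skipped.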



Marked as found in versions imagemagick/8:6.8.9.9-5+deb8u8. Request was from Bastien ROUCARIES <roucaries.bastien@gmail.com> to submit@bugs.debian.org. (Wed, 02 Aug 2017 13:48:05 GMT)


Marked as found in versions imagemagick/8:6.8.9.9-5+deb8u9. Request was from Bastien ROUCARIES <roucaries.bastien@gmail.com> to submit@bugs.debian.org. (Wed, 02 Aug 2017 13:48:05 GMT)


Marked as found in versions imagemagick/8:6.7.7.10-5+deb7u14. Request was from Bastien ROUCARIES <roucaries.bastien@gmail.com> to submit@bugs.debian.org. (Wed, 02 Aug 2017 13:48:06 GMT)


Marked as found in versions imagemagick/8:6.7.7.10-5+deb9u1. Request was from Bastien ROUCARIES <roucaries.bastien@gmail.com> to submit@bugs.debian.org. (Wed, 02 Aug 2017 13:48:07 GMT)


Added tag(s) pending. Request was from roucaries.bastien@gmail.com to control@bugs.debian.org. (Wed, 02 Aug 2017 20:42:10 GMT)


Reply sent to Bastien Roucariès <rouca@debian.org>:
You have taken responsibility. (Wed, 02 Aug 2017 21:09:13 GMT)


Notification sent to Bastien ROUCARIES <roucaries.bastien@gmail.com>:
Bug acknowledged by developer. (Wed, 02 Aug 2017 21:09:13 GMT)


Message #20 received at 870482-close@bugs.debian.org:

From: Bastien Roucariès <rouca@debian.org>
To: 870482-close@bugs.debian.org
Subject: Bug#870482: fixed in imagemagick 8:6.9.7.4+dfsg-16
Date: Wed, 02 Aug 2017 21:06:31 +0000
Source: imagemagick
Source-Version: 8:6.9.7.4+dfsg-16

We believe that the bug you reported is fixed in the latest version of
imagemagick, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 870482@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Bastien Roucariès <rouca@debian.org> (supplier of updated imagemagick package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 02 Aug 2017 22:38:50 +0200
Source: imagemagick
Binary: imagemagick-6-common imagemagick-6-doc libmagickcore-6-headers libmagickwand-6-headers libmagick++-6-headers libimage-magick-perl libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-3 libmagickcore-6.q16-3-extra libmagickcore-6.q16-dev libmagickwand-6.q16-3 libmagickwand-6.q16-dev libmagick++-6.q16-7 libmagick++-6.q16-dev libimage-magick-q16-perl imagemagick-6.q16hdri libmagickcore-6.q16hdri-3 libmagickcore-6.q16hdri-3-extra libmagickcore-6.q16hdri-dev libmagickwand-6.q16hdri-3 libmagickwand-6.q16hdri-dev libmagick++-6.q16hdri-7 libmagick++-6.q16hdri-dev libimage-magick-q16hdri-perl imagemagick-common imagemagick-doc perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev imagemagick
Architecture: source
Version: 8:6.9.7.4+dfsg-16
Distribution: unstable
Urgency: high
Maintainer: ImageMagick Packaging Team <pkg-gmagick-im-team@lists.alioth.debian.org>
Changed-By: Bastien Roucariès <rouca@debian.org>
Description:
 imagemagick - image manipulation programs -- binaries
 imagemagick-6-common - image manipulation programs -- infrastructure
 imagemagick-6-doc - document files of ImageMagick
 imagemagick-6.q16 - image manipulation programs -- quantum depth Q16
 imagemagick-6.q16hdri - image manipulation programs -- quantum depth Q16HDRI
 imagemagick-common - image manipulation programs -- infrastructure dummy package
 imagemagick-doc - document files of ImageMagick -- dummy package
 libimage-magick-perl - Perl interface to the ImageMagick graphics routines
 libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines -- Q16 versio
 libimage-magick-q16hdri-perl - Perl interface to the ImageMagick graphics routines -- Q16HDRI ve
 libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header files
 libmagick++-6.q16-7 - C++ interface to ImageMagick -- quantum depth Q16
 libmagick++-6.q16-dev - C++ interface to ImageMagick - development files (Q16)
 libmagick++-6.q16hdri-7 - C++ interface to ImageMagick -- quantum depth Q16HDRI
 libmagick++-6.q16hdri-dev - C++ interface to ImageMagick - development files (Q16HDRI)
 libmagick++-dev - object-oriented C++ interface to ImageMagick -- dummy package
 libmagickcore-6-arch-config - low-level image manipulation library - architecture header files
 libmagickcore-6-headers - low-level image manipulation library - header files
 libmagickcore-6.q16-3 - low-level image manipulation library -- quantum depth Q16
 libmagickcore-6.q16-3-extra - low-level image manipulation library - extra codecs (Q16)
 libmagickcore-6.q16-dev - low-level image manipulation library - development files (Q16)
 libmagickcore-6.q16hdri-3 - low-level image manipulation library -- quantum depth Q16HDRI
 libmagickcore-6.q16hdri-3-extra - low-level image manipulation library - extra codecs (Q16HDRI)
 libmagickcore-6.q16hdri-dev - low-level image manipulation library - development files (Q16HDRI
 libmagickcore-dev - low-level image manipulation library -- dummy package
 libmagickwand-6-headers - image manipulation library - headers files
 libmagickwand-6.q16-3 - image manipulation library -- quantum depth Q16
 libmagickwand-6.q16-dev - image manipulation library - development files (Q16)
 libmagickwand-6.q16hdri-3 - image manipulation library -- quantum depth Q16HDRI
 libmagickwand-6.q16hdri-dev - image manipulation library - development files (Q16HDRI)
 libmagickwand-dev - image manipulation library -- dummy package
 perlmagick - Perl interface to ImageMagick -- dummy package
Closes: 870475 870478 870481 870482 870483 870489 870491 870492 870501 870502 870503 870504 870524 870525 870526 870527 870530
Changes:
 imagemagick (8:6.9.7.4+dfsg-16) unstable; urgency=high
 .
   * Security fix release
   * Fix a memory exhaustion in ReadPSDImage
     (Closes: #870530)
   * Fix a memory-Leak in ReadPWPImage()
     (Closes: #870527)
   * Avoid unbounded loop in pwp coder
     (Closes: #870526)
   * Fix a memory leaks in WriteMSLImage
     (Closes: #870525)
   * Fix another memory leak in WriteMSLImage
     (Closes: #870524)
   * Fix a memory exhaustion bug in ReadSUNImage
     (Closes: #870504)
   * Fix a memory leak in ReadSVGImage
     (Closes: #870503)
   * Fix a memory leak in WriteMAPImage
     (Closes: #870483)
   * Fix a memory leak in ReadPICTImage
     (Closes: #870502)
   * Fix a memory leak in WritePICTImage
     (Closes: #870501)
   * Fix a memory leak in pdf coder
     (Closes: #870492)
   * Fix a memory leak in PCX coder
     (Closes: #870489)
   * Memory exhaustion in PCX coder
     (Closes: #870491)
   * Memory leak in WriteINLINEImage
     (Closes: #870482)
   * CVE-2017-11752
     The ReadMAGICKImage function in coders/magick.c
     allows remote attackers to cause a denial of
     service (memory leak) via a crafted file.
     (Closes: #870481)
   * CVE-2017-11751
     The WritePICONImage function in coders/xpm.c
     allows remote attackers to cause a denial of
     service (memory leak) via a crafted file.
     (Closes: #870481)
   * CVE-2017-11750
     Fix improper use of NULL in the JNG decoder
     (Closes: #870478)
   * memory leak in WriteCALSImage
     (Closes: #870475)

Changed Bug title to 'imagemagick: CVE-2017-12666' from 'memory leak in WriteINLINEImage'. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Tue, 08 Aug 2017 10:21:07 GMT)


Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Wed, 06 Sep 2017 07:28:57 GMT)



Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 19:09:02 2019; Machine Name: buxtehude
