A vulnerability exists in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. This flaw allows a remote malicious user to pass a specially crafted SVG file that leads to a segmentation fault, generating many trash files in "/tmp," resulting in a denial of service. When ImageMagick crashes, it generates a lot of trash files. These trash files can be large if the SVG file contains many render actions. In a denial of service attack, if a remote attacker uploads an SVG file of size t, ImageMagick generates files of size 103*t. If an attacker uploads a 100M SVG, the server will generate about 10G.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
imagemagick imagemagick |
||
fedoraproject extra packages for enterprise linux 8.0 |
||
fedoraproject extra packages for enterprise linux 9.0 |
||
fedoraproject fedora 36 |
||
fedoraproject fedora 37 |
||
redhat enterprise linux 8.0 |
||
redhat enterprise linux 9.0 |