SUSE: 2018:1851-1 Moderate: ImageMagick Denial Of Service Risks

suse

June 29, 2018

An update that fixes 8 vulnerabilities is now available

Summary

This update for ImageMagick fixes the following issues: These security issues were fixed: - CVE-2017-13758: Prevent heap-based buffer overflow in the TracePoint() function (bsc#1056277). - CVE-2017-10928: Prevent heap-based buffer over-read in the GetNextToken function that allowed remote attackers to obtain sensitive information from process memory or possibly have unspecified other impact via a crafted SVG document (bsc#1047356). - CVE-2018-9133: Long compute times in the tiff decoder have been fixed (bsc#1087820). - CVE-2018-11251: Heap-based buffer over-read in ReadSUNImage in coders/sun.c, which allows attackers to cause denial of service (bsc#1094237). - CVE-2017-18271: Infinite loop in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service

Topics Covered

security advisory moderate denial of service heap overflow suse image processing imagemagick

References

#1047356 #1056277 #1087820 #1094204 #1094237

#1095730 #1095812 #1095813

Cross- CVE-2017-10928 CVE-2017-13758 CVE-2017-18271

CVE-2018-10804 CVE-2018-10805 CVE-2018-11251

CVE-2018-11655 CVE-2018-9133

Affected Products:

SUSE Linux Enterprise Workstation Extension 12-SP3

SUSE Linux Enterprise Software Development Kit 12-SP3

SUSE Linux Enterprise Server 12-SP3

SUSE Linux Enterprise Desktop 12-SP3

https://www.suse.com/security/cve/CVE-2017-10928.html

https://www.suse.com/security/cve/CVE-2017-13758.html

https://www.suse.com/security/cve/CVE-2017-18271.html

https://www.suse.com/security/cve/CVE-2018-10804.html

https://www.suse.com/security/cve/CVE-2018-10805.html

https://www.suse.com/security/cve/CVE-2018-11251.html

Announcement ID: SUSE-SU-2018:1851-1

Rating: moderate

Topics Covered

security advisory moderate denial of service heap overflow suse image processing imagemagick

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2018:1851-1 Moderate: ImageMagick Denial Of Service Risks

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2018:1851-1 Moderate: ImageMagick Denial Of Service Risks

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!