Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 531
Alerts This Week
Warning Icon 1 531

SUSE: 2018:2465-1 Moderate: ImageMagick Denial Of Service Fix

suse
Calendar Grey August 21, 2018
Scroller Suse Esm H88
SUSE Security Patch for ImageMagick addresses a total of 10 vulnerabilities, among which is a denial of service flaw. It's essential to apply the patch to enhance your system's security.
An update that fixes 10 vulnerabilities is now available

Summary

This update for ImageMagick fixes the following issues: Security issues fixed: - CVE-2018-11251: Heap-based buffer over-read in ReadSUNImage in coders/sun.c, which allows attackers to cause denial of service (bsc#1094237) - CVE-2017-18271: Infinite loop in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service (bsc#1094204) - CVE-2017-13758: Heap-based buffer overflow in the TracePoint() in MagickCore/draw.c, which allows attackers to cause a denial of service(bsc#1056277) - CVE-2018-10805: Fixed several memory leaks in rgb.c, cmyk.c, gray.c, and ycbcr.c (bsc#1095812) - CVE-2018-12600: The ReadDIBImage and WriteDIBImage functions allowed attackers to cause an out of bounds write via a crafted file (bsc#1098545)

References

#1056277 #1094204 #1094237 #1095812 #1098545

#1098546 #1102003 #1102004 #1102005 #1102007

Cross- CVE-2017-13758 CVE-2017-18271 CVE-2018-10805

CVE-2018-11251 CVE-2018-12599 CVE-2018-12600

CVE-2018-14434 CVE-2018-14435 CVE-2018-14436

CVE-2018-14437

Affected Products:

SUSE Linux Enterprise Software Development Kit 11-SP4

SUSE Linux Enterprise Server 11-SP4

SUSE Linux Enterprise Debuginfo 11-SP4

https://www.suse.com/security/cve/CVE-2017-13758.html

https://www.suse.com/security/cve/CVE-2017-18271.html

https://www.suse.com/security/cve/CVE-2018-10805.html

https://www.suse.com/security/cve/CVE-2018-11251.html

https://www.suse.com/security/cve/CVE-2018-12599.html

https://www.suse.com/security/cve/CVE-2018-12600.html

Announcement ID: SUSE-SU-2018:2465-1
Rating: moderate

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.