Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 754
Alerts This Week
Warning Icon 1 754

Ubuntu 18.04 LTS: USN-5855-1 Critical Denial Of Service In ImageMagick

ubuntu
Calendar Grey February 9, 2023
Dist Ubuntu Esm H88
A security update has been issued for Ubuntu 18.04 LTS addressing multiple vulnerabilities in ImageMagick. This update is crucial as it mitigates a serious denial of service risk.
Several security issues were fixed in ImageMagick.

Summary

Several security issues were fixed in ImageMagick.

Software Description:

- imagemagick: Image manipulation programs and library

Details:

It was discovered that ImageMagick incorrectly handled certain PNG images.

If a user or automated system were tricked into opening a specially crafted

PNG file, an attacker could use this issue to cause ImageMagick to stop

responding, resulting in a denial of service, or possibly obtain the

contents of arbitrary files by including them into images.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
   imagemagick                     8:6.9.7.4+dfsg-16ubuntu6.15
   imagemagick-6.q16               8:6.9.7.4+dfsg-16ubuntu6.15
   libmagick++-6.q16-7             8:6.9.7.4+dfsg-16ubuntu6.15
   libmagickcore-6.q16-3           8:6.9.7.4+dfsg-16ubuntu6.15
   libmagickcore-6.q16-3-extra     8:6.9.7.4+dfsg-16ubuntu6.15

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5855-1

CVE-2022-44267, CVE-2022-44268

Severity
critical
Lowest
Low
Medium
High
Critical

February 09, 2023

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.