[v2.6] imagemagick: multiple issues (CVE-2014-8561, CVE-2014-8562, CVE-2014-8716)
Multiple issues have been found in imagemagick.
CVE-2014-8561: removing a profile from a JPG image causes an infinite loop in at least version 6.8.9.6-4.
Fixed in version imagemagick/8:6.8.9.9-1.
Severity: important
The following command:
convert test.jpg +profile '!icc,*' out.jpg
used to remove all image metadata except ICC tags/profiles. However, in recent versions it just dies after exhausting all system memory. Attaching a random sample image to test it.
References:
http://seclists.org/oss-sec/2014/q4/484
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=764872
COMMIT:
http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26399#p116146
CVE-2014-8562: out-of-bounds memory error in DCM decode.
References:
http://seclists.org/oss-sec/2014/q4/484
https://security-tracker.debian.org/tracker/CVE-2014-8562
https://int21.de/cve/CVE-2014-8562-dcm-oob-heap-overflow.html
COMMIT: http://trac.imagemagick.org/changeset/16795
CVE-2014-8716: a crafted JPEG file could lead to DoS
References:
http://seclists.org/oss-sec/2014/q4/591
https://security-tracker.debian.org/tracker/CVE-2014-8716
http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26456
(from redmine: issue id 3576, created on 2014-11-26, closed on 2017-09-05)
- Relations:
- parent #3575