Описание
Use-after-free vulnerability in the DestroyImage function in image.c in ImageMagick before 7.0.6-6 allows remote attackers to cause a denial of service via a crafted file.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| imagemagick | fixed | 8:6.9.9.34+dfsg-3 | package |
Примечания
https://github.com/ImageMagick/ImageMagick/issues/662
ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/98dda239ec398dd56453460849b4c9057fc424e5
ImageMagick-7: https://github.com/ImageMagick/ImageMagick/commit/04178de2247e353fc095846784b9a10fefdbf890
This doesn't affect the base releases, but got introduced via security fixes, which got backported to older suites
Связанные уязвимости
Use-after-free vulnerability in the DestroyImage function in image.c in ImageMagick before 7.0.6-6 allows remote attackers to cause a denial of service via a crafted file.
Use-after-free vulnerability in the DestroyImage function in image.c in ImageMagick before 7.0.6-6 allows remote attackers to cause a denial of service via a crafted file.
Use-after-free vulnerability in the DestroyImage function in image.c in ImageMagick before 7.0.6-6 allows remote attackers to cause a denial of service via a crafted file.
Use-after-free vulnerability in the DestroyImage function in image.c in ImageMagick before 7.0.6-6 allows remote attackers to cause a denial of service via a crafted file.