Описание
ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of a wand/mogrify.c error.
A flaw was found in ImageMagick, containing memory leaks of AcquireMagickMemory due to a wand/mogrify.c error. It was discovered that ImageMagick does not properly release acquired memory when some error conditions occur in the function MogrifyImageList(). An attacker could abuse this flaw by providing a specially crafted image and cause a Denial of Service by using all available memory. Applications compiled against ImageMagick libraries that accept untrustworthy images may be exploited to use all available memory and make them crash.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | ImageMagick | Out of support scope | ||
| Red Hat Enterprise Linux 6 | ImageMagick | Out of support scope | ||
| Red Hat Enterprise Linux 7 | autotrace | Fixed | RHSA-2020:1180 | 31.03.2020 |
| Red Hat Enterprise Linux 7 | emacs | Fixed | RHSA-2020:1180 | 31.03.2020 |
| Red Hat Enterprise Linux 7 | ImageMagick | Fixed | RHSA-2020:1180 | 31.03.2020 |
| Red Hat Enterprise Linux 7 | inkscape | Fixed | RHSA-2020:1180 | 31.03.2020 |
Показывать по
Дополнительная информация
Статус:
EPSS
3.3 Low
CVSS3
Связанные уязвимости
ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of a wand/mogrify.c error.
ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of a wand/mogrify.c error.
ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory becau ...
ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of a wand/mogrify.c error.
EPSS
3.3 Low
CVSS3