https://bugzilla.redhat.com/show_bug.cgi?id=2126824
Bug ID: 2126824
Summary: CVE-2022-3213 ImageMagick: heap buffer overflow while processing a malformed TIFF file
Product: Security Response
Hardware: All
OS: Linux
Status: NEW
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team@redhat.com
Reporter: trathi@redhat.com
CC: blaise@gmail.com, dcavalca@fb.com, epel-packagers-sig@lists.fedoraproject.org, fedora@famillecollet.com, jhorak@redhat.com, luya_tfz@thefinalzone.net, michel@michel-slm.name, ngompa13@gmail.com, pampelmuse@gmx.at, sergio@serjux.com, troy@troycurtisjr.com
Target Milestone: ---
Classification: Other
ImageMagick before version 7.1.0-47 is vulnerable to a heap buffer overflow while processing a malformed TIFF file.
https://github.com/ImageMagick/ImageMagick6/commit/1aea203eb36409ce6903b9e41...
https://github.com/ImageMagick/ImageMagick/commit/30ccf9a0da1f47161b5935a95b...
TEJ RATHI trathi@redhat.com changed:
What       |Removed |Added
----------------------------------------------------------------------------
Depends On |        |2126825, 2126826
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=2126825
[Bug 2126825] CVE-2022-3213 ImageMagick: heap buffer overflow while processing a malformed TIFF file [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2126826
[Bug 2126826] CVE-2022-3213 ImageMagick: heap buffer overflow while processing a malformed TIFF file [epel-all]
--- Comment #1 from TEJ RATHI trathi@redhat.com ---
Created ImageMagick tracking bugs for this issue:

Affects: epel-all [bug 2126826]
Affects: fedora-all [bug 2126825]
TEJ RATHI trathi@redhat.com changed:
What   |Removed |Added
----------------------------------------------------------------------------
Blocks |        |2123416
TEJ RATHI trathi@redhat.com changed:
What   |Removed |Added
----------------------------------------------------------------------------
Blocks |        |2126827
--- Doc Text *updated* by TEJ RATHI trathi@redhat.com ---
A heap buffer overflow issue was found in ImageMagick. When an application processes a malformed TIFF file, it could lead to undefined behavior or a crash causing a denial of service.
--- Doc Text *updated* by RaTasha Tillery-Smith rtillery@redhat.com ---
A heap buffer overflow issue was found in ImageMagick. When an application processes a malformed TIFF file, it could lead to undefined behavior or a crash, causing a denial of service.
Bug 2126824 depends on bug 2126825, which changed state.
Bug 2126825 Summary: CVE-2022-3213 ImageMagick: heap buffer overflow while processing a malformed TIFF file [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2126825
What       |Removed  |Added
----------------------------------------------------------------------------
Status     |MODIFIED |CLOSED
Resolution |---      |ERRATA