A flaw was found in ImageMagick before version 7.0.11 and 6.9.12. A division by zero in WaveImage() of MagickCore/visual-effects.c may trigger undefined behavior via crafted image file. Upstream issue: https://github.com/ImageMagick/ImageMagick/issues/3296 Upstream patch: https://github.com/ImageMagick/ImageMagick/commit/94174beff065cb5683d09d79e992c3ebbdead311 https://github.com/ImageMagick/ImageMagick6/commit/f1e68d22d1b35459421710587a0dcbab6900b51f
Created ImageMagick tracking bugs for this issue: Affects: epel-8 [bug 1946723] Affects: fedora-all [bug 1946724]
Statement: This flaw is out of support scope for Red Hat Enterprise Linux 6 and 7. It does not affect Red Hat Enterprise Linux 8 because the ImageMagick package is not shipped. To learn more about Red Hat Enterprise Linux support scope, please see https://access.redhat.com/support/policy/updates/errata/ .