Bug 1361492 (CVE-2016-6491)

Summary: CVE-2016-6491 ImageMagick: Out-of-bounds read in CopyMagickMemory
Product: [Other] Security Response Reporter: Adam Mariš <amaris>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED WONTFIX QA Contact:
Severity: low Docs Contact:
Priority: low    
Version: unspecifiedCC: abhgupta, dmcphers, ethan, jhorak, jialiu, jokerman, kseifried, lmeyer, mmccomas, nmurray, pahan, sardella, slawomir, tiwillia
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: ImageMagick 6.9.5-4 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2016-09-01 10:08:55 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1361494    
Bug Blocks: 1361496    

Description Adam Mariš 2016-07-29 07:37:53 UTC 
An out-of-bounds read vulnerability in CopyMagickMemory was found that can lead to memory leak because the read data are written into output image using SetImageProperty or can cause DoS by crashing the application.

Upstream patch:

https://github.com/ImageMagick/ImageMagick/commit/dd84447b63a71fa8c3f47071b09454efc667767b

CVE assignment:

http://seclists.org/oss-sec/2016/q3/194
Comment 1 Adam Mariš 2016-07-29 07:39:13 UTC 
Created ImageMagick tracking bugs for this issue:

Affects: fedora-all [bug 1361494]