Bug 1427975 (CVE-2017-6335)

Summary: CVE-2017-6335 ImageMagick: Heap out-of-bounds read in tiff.c
Product: [Other] Security Response Reporter: Andrej Nemec <anemec>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED WONTFIX QA Contact:
Severity: low Docs Contact:
Priority: low    
Version: unspecifiedCC: abhgupta, andreas, ethan, jhorak, kseifried, nmurray, pahan, rdieter, sardella, tiwillia
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2017-03-01 16:01:03 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On: 1427977, 1427978, 1427979    
Bug Blocks:    

Description Andrej Nemec 2017-03-01 15:59:42 UTC
ImageMagick and GraphicsMagick encounter a read beyond an allocated heap buffer when reading CMYKA TIFF files which claim to offer fewer samples per pixel than required. A maliciously crafted file could cause the application to crash.

References:

http://seclists.org/oss-sec/2017/q1/494

Upstream patch:

https://sourceforge.net/p/graphicsmagick/code/ci/6156b4c2992d855ece6079653b3b93c3229fc4b8/

Comment 1 Andrej Nemec 2017-03-01 16:00:33 UTC
Created GraphicsMagick tracking bugs for this issue:

Affects: epel-all [bug 1427979]
Affects: fedora-all [bug 1427977]


Created ImageMagick tracking bugs for this issue:

Affects: fedora-all [bug 1427978]