Bug 2185714 (CVE-2023-1906)

Summary:	CVE-2023-1906 ImageMagick: heap-based buffer overflow in ImportMultiSpectralQuantum() in MagickCore/quantum-import.c
Product:	[Other] Security Response	Reporter:	TEJ RATHI <trathi>
Component:	vulnerability	Assignee:	Red Hat Product Security <security-response-team>
Status:	CLOSED WONTFIX	QA Contact:
Severity:	medium	Docs Contact:
Priority:	medium
Version:	unspecified	CC:	ashleydurack041, bdettelb, drieden, grahamlogan429, ikanias, jary, jhorak, powerdirectormodapk, rravi, tohughes
Target Milestone:	---	Keywords:	Security
Target Release:	---
Hardware:	All
OS:	Linux
Whiteboard:
Fixed In Version:	ImageMagick 6.9.12-84, ImageMagick 7.1.1-6	Doc Type:	If docs needed, set a value
Doc Text:	A heap-based buffer overflow was found in ImageMagick's ImportMultiSpectralQuantum() function in MagickCore/quantum-import.c. This issue could allow an attacker to pass a specially crafted file to convert, triggering an out-of-bounds read error, which could cause an application to crash and result in a denial of service.	Story Points:	---
Clone Of:		Environment:
Last Closed:	2023-04-11 21:05:08 UTC	Type:	---
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:
Embargoed:
Bug Depends On:	2185715, 2185716
Bug Blocks:	2185712

Description TEJ RATHI 2023-04-11 04:38:58 UTC

Heap-based buffer overflow in ImportMultiSpectralQuantum() in MagickCore/quantum-import.c

References:

https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-35q2-86c7-9247
https://github.com/ImageMagick/ImageMagick/commit/d7a8bdd7bb33cf8e58bc01b4a4f2ea5466f8c6b3 (ImageMagick 7.1.1-6)
https://github.com/ImageMagick/ImageMagick6/commit/e30c693b37c3b41723f1469d1226a2c814ca443d (ImageMagick 6.9.12-84)

Comment 1 TEJ RATHI 2023-04-11 04:39:22 UTC

Created ImageMagick tracking bugs for this issue:

Affects: epel-8 [bug 2185716]
Affects: fedora-all [bug 2185715]

Comment 2 Product Security DevOps Team 2023-04-11 21:05:06 UTC

This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2023-1906

Comment 3 TEJ RATHI 2023-04-12 13:54:54 UTC

RHEL-6,7 are not affected as vulnerable code is not present in our code-base.

Comment 4 Jon 2023-07-10 13:32:46 UTC Comment hidden (spam)

Carx street mod apk iOS</a> also offers unlimited in-game currency, allowing you to upgrade your cars, purchase new parts, and fine-tune your racing machines without any limitations.
https://carxstreetapk.com/carx-street-mod-apk-ios/

Comment 5 JoseSilas 2023-07-31 10:53:46 UTC Comment hidden (spam)

Our aim is to provide you with inspiration for your next family name using website https://foxynamer.com/. That’s why we have dedicated ourselves to making the naming process easier, more enjoyable, and stress-free.

Comment 6 ashleydurack041 2023-08-07 13:48:04 UTC Comment hidden (spam)

If you're looking for an adrenaline-pumping way to spend your free time, look no further than CarX Street mod apk - the ultimate racing game experience! Get ready to be thrilled by intense street racing action, stunning graphics, and realistic car physics. Once you start playing, you won't be able to resist the urge to conquer the streets and become the ultimate racing champion. So, what are you waiting for?
https://apkdede.com/carx-street-mod-apk/