Red Hat Bugzilla – Bug 1473847
CVE-2017-11360 ImageMagick: Resource exhaustion in ReadRLEImage function
Last modified: 2018-06-29 18:24:56 EDT
The ReadRLEImage function in coders\rle.c in ImageMagick 7.0.6-1 has a large loop vulnerability via a crafted rle file that triggers a huge number_pixels value.

Upstream bug:
https://github.com/ImageMagick/ImageMagick/issues/518

Upstream patch:
https://github.com/ImageMagick/ImageMagick/commit/078e9692a257e7a8aa36ccc750927f9617923061
https://github.com/ImageMagick/ImageMagick/commit/224bc946b24824a77e8e8c52ee07e9bc65796e30

Created ImageMagick tracking bugs for this issue:

Affects: fedora-all [bug 1473848]