In ImageMagick 7.0.6-8, the load_level function in coders/xcf.c lacks offset validation, which allows attackers to cause a denial of service (load_tile memory exhaustion) via a crafted file.

Upstream bug:
https://github.com/ImageMagick/ImageMagick/issues/679

Upstream patch:
https://github.com/ImageMagick/ImageMagick/commit/19dbe11c5060f66abb393d1945107c5f54894fa8

Created ImageMagick tracking bugs for this issue:

Affects: fedora-all [bug 1486781]
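
The class of check the description says is missing, as an added example (not ImageMagick's code and not the upstream patch). It assumes a simplified layout: a zero-terminated table of big-endian 32-bit tile offsets, where each tile's length is the distance to the next offset. The function name and the size cap are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>

/* Assumed cap: one 64x64 tile, 4 bytes per pixel, 1.5x slack for encoding. */
#define MAX_TILE_BYTES (64u * 64u * 4u * 3u / 2u)

/* Read a big-endian 32-bit integer. */
static uint32_t be32(const unsigned char *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* Walk the offset table at table_pos before any tile buffer is allocated.
 * Returns the number of tiles accepted, or -1 if an offset or the length
 * derived from it is not backed by data actually present in the file. */
int validate_tile_offsets(const unsigned char *file, size_t file_size,
                          size_t table_pos)
{
    int tiles = 0;
    for (;; table_pos += 4, tiles++) {
        uint32_t offset, next;
        if (table_pos > file_size || file_size - table_pos < 4)
            return -1;                    /* table itself is truncated */
        offset = be32(file + table_pos);
        if (offset == 0)
            return tiles;                 /* terminator reached */
        if (offset >= file_size || file_size - table_pos < 8)
            return -1;                    /* tile starts outside the file */
        next = be32(file + table_pos + 4);
        if (next != 0 && (next <= offset || next > file_size))
            return -1;                    /* length would be bogus or huge */
        if (next != 0 && next - offset > MAX_TILE_BYTES)
            return -1;                    /* larger than any real tile */
        /* next == 0 marks the last tile; its length is bounded by
         * file_size - offset, which the checks above keep in range. */
    }
}

int main(void)
{
    /* Constructed sample: 64-byte file, tiles at offsets 16 and 32. */
    unsigned char sample[64] = {0};
    sample[3] = 16;
    sample[7] = 32;
    return validate_tile_offsets(sample, sizeof sample, 0) == 2 ? 0 : 1;
}
```

Without such a check, an attacker-chosen offset pair directly sets the size of the buffer requested for a tile, which is the memory-exhaustion path the description names.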