A flaw was found in ImageMagick. The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-23 Q16 does not properly validate the amount of image data in a file, which allows remote attackers to cause a denial of service (memory allocation failure in the AcquireMagickMemory function in MagickCore/memory.c). References: https://github.com/ImageMagick/ImageMagick/issues/999 Patches: https://github.com/ImageMagick/ImageMagick/commit/5c0e1a31bc44829b1024ce599097f43285a05a42 https://github.com/ImageMagick/ImageMagick/commit/1f7c6b153882896e7a569a6e8a362ce2a11a8b1f
Created ImageMagick tracking bugs for this issue: Affects: fedora-all [bug 1549670]