Bug 1598471 – CVE-2018-13153 ImageMagick: memory leak in the XMagickCommand function in MagickCore/animate.c

Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.

Bug 1598471 - (CVE-2018-13153) CVE-2018-13153 ImageMagick: memory leak in the XMagickCommand function in MagickCore/animate.c

Summary:	CVE-2018-13153 ImageMagick: memory leak in the XMagickCommand function in Mag...

Status:	NEW

Aliases:	CVE-2018-13153

Product:	Security Response
Classification:	Other
Component:	vulnerability (Show other bugs)
Sub Component:
Version:	unspecified
Hardware:	All Linux

Priority	low Severity low
Target Milestone:	---
Target Release:	---
Assigned To:	Red Hat Product Security
QA Contact:
Docs Contact:

URL:
Whiteboard:	impact=low,public=20180704,reported=2...
Keywords:	Security

Depends On:	1598472 1598473 1603134
Blocks:	1598474
	Show dependency tree / graph

Reported:	2018-07-05 11:16 EDT by Laura Pardo
Modified:	2018-07-19 11:21 EDT (History)
CC List:	3 users (show)

See Also:
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:	A memory leak was discovered in ImageMagick in the XMagickCommand function in animate.c file. An array of strings, named filelist, is allocated on the heap but not released in case the function ExpandFilenames returns an error code.
Story Points:	---
Clone Of:
Environment:
Last Closed:
Type:	---
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Groups: None (edit)

Description Laura Pardo 2018-07-05 11:16:31 EDT

A flaw was found in ImageMagick 7.0.8-4, there is a memory leak in the XMagickCommand function in MagickCore/animate.c.


References:
https://github.com/ImageMagick/ImageMagick/issues/1195

Upstream Patch:
https://github.com/ImageMagick/ImageMagick/commit/4ab4849d667e26df0e63ece9d63ae23bc7ab0fa1
https://github.com/ImageMagick/ImageMagick6/commit/6ce6d25b47caf9b6b2979a510b6202ce0f3dd2d4

Comment 1 Laura Pardo 2018-07-05 11:17:07 EDT

Created ImageMagick tracking bugs for this issue:

Affects: fedora-all [bug 1598472]

Comment 4 Riccardo Schirone 2018-07-19 05:32:51 EDT

A memory leak is present in magick/animate.c:XMagickCommand, where the memory for an array of strings, named `filelist`, is allocated but not correctly released in case the function ExpandFilenames return an error code.

Note You need to log in before you can comment on or make changes to this bug.