Hide Forgot
An out-of-bounds write to memory has been found in PHP imagick extension versions between 3.3.0 - 3.4.4 in function ImagickKernel::fromMatrix() leading to possible crash and DoS. Upstream bug: https://bugs.php.net/bug.php?id=77791
Created php-pecl-imagick tracking bugs for this issue: Affects: fedora-all [bug 1708571]
Upstream Patch: https://github.com/mkoppanen/imagick/commit/7187b37250b87edb75160c7beda980f2fa308f5d
Introduced by: https://github.com/mkoppanen/imagick/commit/a3cc177f8ed38937960e27765816e2f7a6de7391
Statement: This vulnerability does not affect the php55-php-pecl-imagick package shipped in OpenShift Container Platform 3.4 as it does not contain the vulnerable code. The vulnerable source file, imagickkernel_class.c, was added to php-imagick in version 3.3.0. OpenShift Container Platform ships version 3.1.2 and does not contain this source file.