In ImageMagick, there are outside the range of representable values of type 'unsigned long long' bugs at coders/txt.c. Reference: https://github.com/ImageMagick/ImageMagick/issues/1719 Upstream patch: https://github.com/ImageMagick/ImageMagick/commit/f0a8d407b2801174fd8923941a9e7822f7f9a506
Acknowledgments: Name: Suhwan Song (Seoul National University)
In the txt coder at /coders/txt.c, ReadTXTImage() computes pixel values that could land outside the range of type unsigned long long due to improper max constraints. This flaw can be triggered when ImageMagick processes crafted input under certain conditions. Red Hat Product Security marked this as Low because although it could potentially lead to an impact to application availability, no specific impact was shown in this case.
Statement: This flaw is out of support scope for Red Hat Enterprise Linux 5, 6, and 7. Inkscape is not affected because it no longer uses a bundled ImageMagick in Red Hat Enterprise Linux 8. For more information regarding support scopes, please see https://access.redhat.com/support/policy/updates/errata .
Created ImageMagick tracking bugs for this issue: Affects: epel-8 [bug 1901261] Affects: fedora-all [bug 1901262]
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2020-27758