CVE-2017-12935 The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 mishandles large MNG images, leading to an invalid memory read in the SetImageColorCallBack function in magick/image.c. http://hg.code.sf.net/p/graphicsmagick/code/rev/95d00d55e978 https://blogs.gentoo.org/ago/2017/08/05/graphicsmagick-heap-based-buffer-overflow-in-readsunimage-sun-c/ CVE-2017-12936 The ReadWMFImage function in coders/wmf.c in GraphicsMagick 1.3.26 has a use-after-free issue for data associated with exception reporting. http://hg.code.sf.net/p/graphicsmagick/code/rev/be898b7c97bd https://blogs.gentoo.org/ago/2017/08/05/graphicsmagick-use-after-free-in-readwmfimage-wmf-c/ CVE-2017-12937 The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has a colormap heap-based buffer over-read. http://hg.code.sf.net/p/graphicsmagick/code/rev/cd699a44f188 https://blogs.gentoo.org/ago/2017/08/05/graphicsmagick-invalid-memory-read-in-setimagecolorcallback-image-c/
Created GraphicsMagick tracking bugs for this issue: Affects: epel-all [bug 1475494] Affects: fedora-all [bug 1475495]
CVE-2017-13063 GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:314:12. https://sourceforge.net/p/graphicsmagick/bugs/434/ http://hg.code.sf.net/p/graphicsmagick/code/rev/54f48ab2d52a CVE-2017-13064 GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:311:12. https://sourceforge.net/p/graphicsmagick/bugs/436/ http://hg.code.sf.net/p/graphicsmagick/code/rev/54f48ab2d52a CVE-2017-13065 GraphicsMagick 1.3.26 has a NULL pointer dereference vulnerability in the function SVGStartElement in coders/svg.c. https://sourceforge.net/p/graphicsmagick/bugs/435/ http://hg.code.sf.net/p/graphicsmagick/code/rev/54f48ab2d52a
CVE-2017-13648 In GraphicsMagick 1.3.26, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c. https://sourceforge.net/p/graphicsmagick/bugs/433/
CVE-2017-14042 A memory allocation failure was discovered in the ReadPNMImage function in coders/pnm.c in GraphicsMagick 1.3.26. The vulnerability causes a big memory allocation, which may lead to remote denial of service in the MagickRealloc function in magick/memory.c. http://hg.code.sf.net/p/graphicsmagick/code/rev/3bbf7a13643d https://blogs.gentoo.org/ago/2017/08/28/graphicsmagick-memory-allocation-failure-in-magickrealloc-memory-c-2/
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.