In ImageMagick 7.0.8-50 Q16, ComplexImages in MagickCore/fourier.c has a heap-based buffer over-read because of incorrect calls to GetCacheViewVirtualPixels. Reference: https://github.com/ImageMagick/ImageMagick/issues/1588 Upstream commit: https://github.com/ImageMagick/ImageMagick/commit/7c2c5ba5b8e3a0b2b82f56c71dfab74ed4006df7 https://github.com/ImageMagick/ImageMagick6/commit/f6ffc702c6eecd963587273a429dcd608c648984
Created ImageMagick tracking bugs for this issue: Affects: fedora-all [bug 1727740]
Statement: This issue did not affect the versions of ImageMagick as shipped with Red Hat Enterprise Linux 5, 6, and 7 as they did not include the vulnerable function.
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2019-13391