In ImageMagick, a division by zero can lead to outside the range of representable value at MagickCore/geometry.c and signed integer overflow at MagickCore/decorate.c. Reference: https://github.com/ImageMagick/ImageMagick/issues/1725 Upstream patch: https://github.com/ImageMagick/ImageMagick/commit/f35eca82b0c294ff9d0ccad104a881c3ae2ba913
Acknowledgments: Name: Suhwan Song (Seoul National University)
Flaw summary: In ParseMetaGeometry() of MagickCore/geometry.c, image height and width calculations can lead to divide-by-zero conditions which also lead to undefined behavior. This flaw can be triggered by a crafted input file processed by ImageMagick and could impact application availability. The patch uses multiplication in addition to the function `PerceptibleReciprocal()` in order to prevent such divide-by-zero conditions.
Statement: This flaw is out of support scope for Red Hat Enterprise Linux 5, 6, and 7. Inkscape is not affected because it no longer uses a bundled ImageMagick in Red Hat Enterprise Linux 8. For more information regarding support scopes, please see https://access.redhat.com/support/policy/updates/errata .
Created ImageMagick tracking bugs for this issue: Affects: epel-8 [bug 1901257] Affects: fedora-all [bug 1901258]
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2020-27756