[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Update information forCVE-2018-6930/imagemagick
Salvatore Bonaccorso
carnil at debian.org
Sun Feb 18 13:22:21 UTC 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e1b8d158 by Salvatore Bonaccorso at 2018-02-18T14:13:29+01:00
Update information forCVE-2018-6930/imagemagick
The use of the problematic buffer and CreateOpenCLBuffer has been
introduced later in the ImageMagick-7 development around 7.0.2. Exact
version not pin-pointed but likely when refactoring in
https://github.com/ImageMagick/ImageMagick/commit/66acef5cd2089f66bbdb7dc7b3b18e2eb6d792ae
the following changed:
@@ -4359,8 +4392,8 @@ static Image *ComputeResizeImage(const Image* image,MagickCLEnv clEnv,
resizeFilterCoefficient=GetResizeFilterCoefficient(resizeFilter);
for (i = 0; i < 7; i++)
coefficientBuffer[i]=(float) resizeFilterCoefficient[i];
- cubicCoefficientsBuffer=CreateOpenCLBuffer(device,CL_MEM_READ_ONLY |
- CL_MEM_COPY_HOST_PTR,7*sizeof(float),&coefficientBuffer);
+ cubicCoefficientsBuffer=CreateOpenCLBuffer(device,CL_MEM_COPY_HOST_PTR |
+ CL_MEM_READ_ONLY,7*sizeof(*resizeFilterCoefficient),&coefficientBuffer);
if (cubicCoefficientsBuffer == (cl_mem) NULL)
{
(void) OpenCLThrowMagickException(device,exception,GetMagickModule(),
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -658,9 +658,8 @@ CVE-2018-6932
CVE-2018-6931
RESERVED
CVE-2018-6930 (A stack-based buffer over-read in the ComputeResizeImage function in ...)
- - imagemagick <undetermined>
+ - imagemagick <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/967
- TODO: check
CVE-2018-6929
RESERVED
CVE-2018-6928 (PHP Scripts Mall News Website Script 2.0.4 has SQL Injection via a ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e1b8d1584c21805e60902f8dc963f70f2c358907
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e1b8d1584c21805e60902f8dc963f70f2c358907
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180218/acf9c8ae/attachment.html>
More information about the Secure-testing-commits
mailing list