[Pkg-gmagick-im-team] Bug#1013282: imagemagick: CVE-2022-28463 CVE-2021-20241 CVE-2021-20243 CVE-2021-20244 CVE-2021-20245 CVE-2021-20246 CVE-2021-20309 CVE-2021-20312 CVE-2021-20313 CVE-2021-4219 CVE-2022-1114 CVE-2022-1115

Moritz Mühlenhoff jmm at inutil.org
Mon Jun 20 16:35:07 BST 2022


Source: imagemagick
X-Debbugs-CC: team at security.debian.org
Severity: important
Tags: security

Hi,

The following vulnerabilities were published for imagemagick.

CVE-2022-28463[0]:
| ImageMagick 7.1.0-27 is vulnerable to Buffer Overflow.

https://github.com/ImageMagick/ImageMagick/commit/ca3654ebf7a439dc736f56f083c9aa98e4464b7f
https://github.com/ImageMagick/ImageMagick/issues/4988
https://github.com/ImageMagick/ImageMagick6/commit/e6ea5876e0228165ee3abc6e959aa174cee06680


CVE-2021-20241[1]:
| A flaw was found in ImageMagick in coders/jp2.c. An attacker who
| submits a crafted file that is processed by ImageMagick could trigger
| undefined behavior in the form of math division by zero. The highest
| threat from this vulnerability is to system availability.

https://github.com/ImageMagick/ImageMagick/pull/3177
https://github.com/ImageMagick/ImageMagick6/commit/53cb91b3e7bf95d0e372cbc745e0055ac6054745


CVE-2021-20243[2]:
| A flaw was found in ImageMagick in MagickCore/resize.c. An attacker
| who submits a crafted file that is processed by ImageMagick could
| trigger undefined behavior in the form of math division by zero. The
| highest threat from this vulnerability is to system availability.

https://github.com/ImageMagick/ImageMagick/pull/3193
ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/53cb91b3e7bf95d0e372cbc745e0055ac6054745


CVE-2021-20244[3]:
| A flaw was found in ImageMagick in MagickCore/visual-effects.c. An
| attacker who submits a crafted file that is processed by ImageMagick
| could trigger undefined behavior in the form of math division by zero.
| The highest threat from this vulnerability is to system availability.

https://github.com/ImageMagick/ImageMagick/pull/3194
ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/c8d674946a687f40a126166edf470733fc8ede02


CVE-2021-20245[4]:
| A flaw was found in ImageMagick in coders/webp.c. An attacker who
| submits a crafted file that is processed by ImageMagick could trigger
| undefined behavior in the form of math division by zero. The highest
| threat from this vulnerability is to system availability.

https://github.com/ImageMagick/ImageMagick/issues/3176
ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/a78d92dc0f468e79c3d761aae9707042952cdaca


CVE-2021-20246[5]:
| A flaw was found in ImageMagick in MagickCore/resample.c. An attacker
| who submits a crafted file that is processed by ImageMagick could
| trigger undefined behavior in the form of math division by zero. The
| highest threat from this vulnerability is to system availability.

https://github.com/ImageMagick/ImageMagick/issues/3195
https://github.com/ImageMagick/ImageMagick6/commit/f3190d4a6e6e8556575c84b5d976f77d111caa74


CVE-2021-20309[6]:
| A flaw was found in ImageMagick in versions before 7.0.11 and before
| 6.9.12, where a division by zero in WaveImage() of
| MagickCore/visual-effects.c may trigger undefined behavior via a crafted
| image file submitted to an application using ImageMagick. The highest
| threat from this vulnerability is to system availability.

https://github.com/ImageMagick/ImageMagick6/commit/f1e68d22d1b35459421710587a0dcbab6900b51f


CVE-2021-20312[7]:
| A flaw was found in ImageMagick in versions 7.0.11, where an integer
| overflow in WriteTHUMBNAILImage of coders/thumbnail.c may trigger
| undefined behavior via a crafted image file that is submitted by an
| attacker and processed by an application using ImageMagick. The
| highest threat from this vulnerability is to system availability.

https://github.com/ImageMagick/ImageMagick6/commit/e53e24b078f7fa586f9cc910491b8910f5bdad2e


CVE-2021-20313[8]:
| A flaw was found in ImageMagick in versions before 7.0.11. A potential
| cipher leak when the calculate signatures in TransformSignature is
| possible. The highest threat from this vulnerability is to data
| confidentiality.

https://github.com/ImageMagick/ImageMagick6/commit/e53e24b078f7fa586f9cc910491b8910f5bdad2e



CVE-2021-4219[9]:
| A flaw was found in ImageMagick. The vulnerability occurs due to
| improper use of open functions and leads to a denial of service. This
| flaw allows an attacker to crash the system.

https://github.com/ImageMagick/ImageMagick/issues/4626
https://github.com/ImageMagick/ImageMagick6/commit/c10351c16b8d2cabd11d2627a02de522570f6ceb


CVE-2022-1114[10]:
| A heap-use-after-free flaw was found in ImageMagick's
| RelinquishDCMInfo() function of dcm.c file. This vulnerability is
| triggered when an attacker passes a specially crafted DICOM image file
| to ImageMagick for conversion, potentially leading to information
| disclosure and a denial of service.

https://github.com/ImageMagick/ImageMagick/issues/4947
https://github.com/ImageMagick/ImageMagick6/commit/78f03b619d08d7c2e0fcaccab407e3ac93c2ee8f

CVE-2022-1115[11]:

https://github.com/ImageMagick/ImageMagick/issues/4974
https://github.com/ImageMagick/ImageMagick6/commit/1f860f52bd8d58737ad883072203391096b30b51

If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2022-28463
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28463
[1] https://security-tracker.debian.org/tracker/CVE-2021-20241
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20241
[2] https://security-tracker.debian.org/tracker/CVE-2021-20243
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20243
[3] https://security-tracker.debian.org/tracker/CVE-2021-20244
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20244
[4] https://security-tracker.debian.org/tracker/CVE-2021-20245
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20245
[5] https://security-tracker.debian.org/tracker/CVE-2021-20246
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20246
[6] https://security-tracker.debian.org/tracker/CVE-2021-20309
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20309
[7] https://security-tracker.debian.org/tracker/CVE-2021-20312
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20312
[8] https://security-tracker.debian.org/tracker/CVE-2021-20313
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20313
[9] https://security-tracker.debian.org/tracker/CVE-2021-4219
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4219
[10] https://security-tracker.debian.org/tracker/CVE-2022-1114
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1114
[11] https://security-tracker.debian.org/tracker/CVE-2022-1115
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1115

Please adjust the affected versions in the BTS as needed.


