{"id":"MGASA-2022-0446","summary":"Updated imagemagick packages fix security vulnerability","details":"A vulnerability was found in ImageMagick-7.0.11-5, where executing a\ncrafted file with the convert command, ASAN detects memory leaks.\n(CVE-2021-3574)\n\nA flaw was found in ImageMagick. The vulnerability occurs due to improper\nuse of open functions and leads to a denial of service. This flaw allows\nan attacker to crash the system. (CVE-2021-4219)\n\nAn integer overflow issue was discovered in ImageMagick's\nExportIndexQuantum() function in MagickCore/quantum-export.c. Function\ncalls to GetPixelIndex() could result in values outside the range of\nrepresentable for the 'unsigned char'. When ImageMagick processes a\ncrafted pdf file, this could lead to an undefined behaviour or a crash.\n(CVE-2021-20224)\n\nA flaw was found in ImageMagick in versions before 7.0.11 and before\n6.9.12, where a division by zero in WaveImage() of\nMagickCore/visual-effects.c may trigger undefined behavior via a crafted\nimage file submitted to an application using ImageMagick. The highest\nthreat from this vulnerability is to system availability. (CVE-2021-20309)\n\nA flaw was found in ImageMagick in versions before 7.0.11, where a\ndivision by zero in sRGBTransformImage() in the MagickCore/colorspace.c\nmay trigger undefined behavior via a crafted image file that is submitted\nby an attacker processed by an application using ImageMagick. The highest\nthreat from this vulnerability is to system availability. (CVE-2021-20311)\n\nA flaw was found in ImageMagick in versions 7.0.11, where an integer\noverflow in WriteTHUMBNAILImage of coders/thumbnail.c may trigger\nundefined behavior via a crafted image file that is submitted by an\nattacker and processed by an application using ImageMagick. The highest\nthreat from this vulnerability is to system availability. (CVE-2021-20312)\n\nA flaw was found in ImageMagick in versions before 7.0.11. A potential\ncipher leak when the calculate signatures in TransformSignature is\npossible. The highest threat from this vulnerability is to data\nconfidentiality. (CVE-2021-20313)\n\nA heap-based-buffer-over-read flaw was found in ImageMagick's\nGetPixelAlpha() function of 'pixel-accessor.h'. This vulnerability is\ntriggered when an attacker passes a specially crafted Tagged Image File\nFormat (TIFF) image to convert it into a PICON file format. This issue can\npotentially lead to a denial of service and information disclosure.\n(CVE-2022-0284)\n\nA heap-use-after-free flaw was found in ImageMagick's RelinquishDCMInfo()\nfunction of dcm.c file. This vulnerability is triggered when an attacker\npasses a specially crafted DICOM image file to ImageMagick for conversion,\npotentially leading to information disclosure and a denial of service.\n(CVE-2022-1114)\n\nIn GraphicsMagick, a heap buffer overflow was found when parsing MIFF.\n(CVE-2022-1270)\n\nIn ImageMagick, a crafted file could trigger an assertion failure when a\ncall to WriteImages was made in MagickWand/operation.c, due to a NULL\nimage list. This could potentially cause a denial of service. This was\nfixed in upstream ImageMagick version 7.1.0-30. (CVE-2022-2719)\n\nA heap buffer overflow issue was found in ImageMagick. When an application\nprocesses a malformed TIFF file, it could lead to undefined behavior or a\ncrash causing a denial of service. (CVE-2022-3213)\n\nImageMagick 7.1.0-27 is vulnerable to Buffer Overflow. (CVE-2022-28463)\n\nA vulnerability was found in ImageMagick, causing an outside the range of\nrepresentable values of type 'unsigned char' at coders/psd.c, when crafted\nor untrusted input is processed. This leads to a negative impact to\napplication availability or other problems related to undefined behavior.\n(CVE-2022-32545)\n\nA vulnerability was found in ImageMagick, causing an outside the range of\nrepresentable values of type 'unsigned long' at coders/pcl.c, when crafted\nor untrusted input is processed. This leads to a negative impact to\napplication availability or other problems related to undefined behavior.\n(CVE-2022-32546)\n\nIn ImageMagick, there is load of misaligned address for type 'double',\nwhich requires 8 byte alignment and for type 'float', which requires 4\nbyte alignment at MagickCore/property.c. Whenever crafted or untrusted\ninput is processed by ImageMagick, this causes a negative impact to\napplication availability or other problems related to undefined behavior.\n(CVE-2022-32547)\n","modified":"2026-04-16T04:42:52.784365911Z","published":"2022-12-06T23:32:48Z","upstream":["CVE-2021-20224","CVE-2021-20309","CVE-2021-20311","CVE-2021-20312","CVE-2021-20313","CVE-2021-3574","CVE-2021-4219","CVE-2022-0284","CVE-2022-1114","CVE-2022-1270","CVE-2022-2719","CVE-2022-28463","CVE-2022-3213","CVE-2022-32545","CVE-2022-32546","CVE-2022-32547"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2022-0446.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=29054"},{"type":"WEB","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QPPJFFJWUIW3K6NB472QVFG522DWQZET/"},{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-5158-1"},{"type":"WEB","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZUE6OO6UE5NEQ2LYEJSEB2AXREVWZVMB/"},{"type":"WEB","url":"https://www.debian.org/lts/security/2022/dla-3007"},{"type":"WEB","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/U4SLHXE2O3IXMI4KAK7QSBITGXIK6OW2/"},{"type":"WEB","url":"https://lists.suse.com/pipermail/sle-security-updates/2022-May/011200.html"},{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-5456-1"},{"type":"WEB","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/FYRR2QY5S3HG4B4EAPF6BVV54BZQPUX5/"},{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-5534-1"},{"type":"WEB","url":"https://lists.suse.com/pipermail/sle-security-updates/2022-September/012065.html"},{"type":"WEB","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DQYFWVB5WL5D7BG6DWWI7RKZDHYKRQR6/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/LNVDNM4ZEIYPT3SLZHPYN7OG4CZLEXZJ/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/T6VPXZJUL64MXAMQ4JA6V6TYNOXDC6SQ/"},{"type":"WEB","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/65CCSW6TK2CGQU6OYUEHQBBH6OSPKUJP/"},{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-5736-1"}],"affected":[{"package":{"name":"imagemagick","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/imagemagick?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7.1.0.52-1.1.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2022-0446.json"}},{"package":{"name":"abydos","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/abydos?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.2.3-4.2.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2022-0446.json"}},{"package":{"name":"converseen","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/converseen?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.9.8.1-4.2.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2022-0446.json"}},{"package":{"name":"digikam","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/digikam?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7.1.0-4.2.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2022-0446.json"}},{"package":{"name":"libopenshot","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/libopenshot?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.2.5-5.2.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2022-0446.json"}},{"package":{"name":"php-imagick","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/php-imagick?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.4.5-0.git20201230.2.2.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2022-0446.json"}},{"package":{"name":"synfig","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/synfig?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.2.2-11.2.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2022-0446.json"}},{"package":{"name":"windowmaker","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/windowmaker?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.95.9-3.2.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2022-0446.json"}},{"package":{"name":"xine-lib1.2","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/xine-lib1.2?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.2.11-1.2.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2022-0446.json"}},{"package":{"name":"zbar","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/zbar?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.23.1-5.2.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2022-0446.json"}},{"package":{"name":"imagemagick","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/imagemagick?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7.1.0.52-1.1.mga8.tainted"}]}],"ecosystem_specific":{"section":"tainted"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2022-0446.json"}},{"package":{"name":"abydos","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/abydos?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.2.3-4.2.mga8.tainted"}]}],"ecosystem_specific":{"section":"tainted"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2022-0446.json"}},{"package":{"name":"transcode","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/transcode?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.1.7-29.2.mga8.tainted"}]}],"ecosystem_specific":{"section":"tainted"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2022-0446.json"}},{"package":{"name":"xine-lib1.2","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/xine-lib1.2?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.2.11-1.2.mga8.tainted"}]}],"ecosystem_specific":{"section":"tainted"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2022-0446.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}