USN-6980-1: ImageMagick Vulnerabilities Explained

Recently disclosed vulnerabilities in ImageMagick, a popular software suite extensively used for editing and manipulating image files, have raised significant security concerns. This article dives deep into the implications of these vulnerabilities and provides essential information to users and developers relying on ImageMagick.

Identified under the alert USN-6980-1, a series of vulnerabilities have been disclosed affecting various versions of ImageMagick. If exploited, these vulnerabilities can lead to denial of service (DoS) attacks or even arbitrary code execution, potentially allowing attackers to take control of affected systems.

Vulnerability Overview:

  • CVE-2018-18025: A flaw in the EncodeImage function can trigger a buffer over-read, leading to a DoS when processing crafted SVG files.
  • CVE-2018-17966: Memory leak in the WritePDBImage function affects ImageMagick's handling of PDB files.
  • CVE-2018-16412: Similar to CVE-2018-18025, this vulnerability involves a buffer over-read in the ParseImageResourceBlocks function when handling PSD files.
  • CVE-2018-16413: An issue in the PushShortPixel function, again related to processing PSD files, that leads to buffer over-reads.
  • CVE-2018-18024: An infinite loop in the ReadBMPImage function allows attackers to cause a DoS through specific BMP files.
  • CVE-2018-18016: Another memory leak, this time in the WritePCXImage function, affects PCX image handling.
  • CVE-2018-20467: A crafted file can cause an infinite loop in coders/bmp.c before version 7.0.8-16, leading to high resource consumption.
  • CVE-2017-12806 and CVE-2017-12805: Both vulnerabilities involve memory exhaustion that could be triggered by maliciously crafted files, causing a DoS.
  • CVE-2017-13144: An issue where overly large image dimensions cause a crash rather than generating an error message.

It's important for users and administrators to understand that these vulnerabilities primarily affect versions of ImageMagick prior to 7.0.8-16. Users of earlier versions should urgently upgrade or apply patches as recommended by ImageMagick or their software distribution.

The potential for these vulnerabilities to be exploited varies, but the typical scenario is one where an attacker can submit malicious files to a web application or service that uses ImageMagick to process images. This is common on web platforms that allow image uploads, such as forums, e-commerce sites, and content management systems.

For developers and administrators, it is crucial to configure ImageMagick securely and restrict the types of files and sources accepted by applications using ImageMagick. Regular updates and following security practices recommended by the ImageMagick community can mitigate the risks posed by these vulnerabilities.
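One way an application can restrict what it hands to ImageMagick, shown as an added example that is not code from the advisory or from the ImageMagick project: a pre-check that allowlists formats by magic bytes and reads the declared dimensions before any decoding happens. The allowlist (PNG and JPEG only), the size and pixel caps, and the names `vet_upload` and `RejectedUpload` are assumptions for illustration.

```python
import struct

MAX_BYTES = 10 * 1024 * 1024   # assumed upload size cap
MAX_PIXELS = 40_000_000        # assumed cap on width * height

class RejectedUpload(ValueError):
    """Raised when a file must not be handed to ImageMagick."""

def _png_size(data):
    if len(data) < 24 or data[12:16] != b"IHDR":
        raise RejectedUpload("malformed PNG header")
    return struct.unpack(">II", data[16:24])  # IHDR width, height

def _jpeg_size(data):
    i = 2  # skip the SOI marker
    while i + 4 <= len(data):
        if data[i] != 0xFF:
            raise RejectedUpload("malformed JPEG marker")
        marker = data[i + 1]
        if marker == 0xFF:                              # fill byte
            i += 1
        elif marker == 0x01 or 0xD0 <= marker <= 0xD9:  # no length field
            i += 2
        else:
            (seglen,) = struct.unpack(">H", data[i + 2:i + 4])
            if seglen < 2:  # length that would never advance the parser
                raise RejectedUpload("bad JPEG segment length")
            if 0xC0 <= marker <= 0xCF and marker not in (0xC4, 0xC8, 0xCC):
                if i + 9 > len(data):
                    raise RejectedUpload("truncated JPEG frame header")
                height, width = struct.unpack(">HH", data[i + 5:i + 9])
                return width, height
            i += 2 + seglen
    raise RejectedUpload("no JPEG frame header")

# Allowlist by magic bytes; SVG, PSD, PDB, BMP and PCX are deliberately absent.
ALLOWED = ((b"\x89PNG\r\n\x1a\n", "png", _png_size), (b"\xff\xd8\xff", "jpeg", _jpeg_size))

def vet_upload(data):
    """Return (format, width, height) or raise RejectedUpload."""
    if len(data) > MAX_BYTES:
        raise RejectedUpload("file too large")
    for magic, fmt, size_of in ALLOWED:
        if data.startswith(magic):
            width, height = size_of(data)
            if width == 0 or height == 0 or width * height > MAX_PIXELS:
                raise RejectedUpload("dimensions outside limits")
            return fmt, width, height
    raise RejectedUpload("format not on allowlist")
```

The returned format can be used as an explicit coder prefix on the input filename (for example `png:upload.bin`), so that ImageMagick decodes the file with the vetted coder instead of detecting the format itself.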

To stay updated and secure, please visit LinuxPatch for more detailed information and timely updates on this and other security issues.