Detections
Analytics
SUSE SLED12 / SLES12 Security Update : ImageMagick (SUSE-SU-2018:0581-1)
high Nessus Plugin ID 107116
Language:
Synopsis
The remote SUSE host is missing one or more security updates.Description
This update for ImageMagick fixes the following issues :- CVE-2017-9405: A memory leak in the ReadICONImage function was fixed that could lead to DoS via memory exhaustion (bsc#1042911)
- CVE-2017-9407: In ImageMagick, the ReadPALMImage function in palm.c allowed attackers to cause a denial of service (memory leak) via a crafted file.
(bsc#1042824)
- CVE-2017-11166: In ReadXWDImage in coders\xwd.c a memoryleak could have caused memory exhaustion via a crafted length (bsc#1048110)
- CVE-2017-11170: ReadTGAImage in coders\tga.c allowed for memory exhaustion via invalid colors data in the header of a TGA or VST file (bsc#1048272)
- CVE-2017-11448: The ReadJPEGImage function in coders/jpeg.c in ImageMagick allowed remote attackers to obtain sensitive information from uninitialized memory locations via a crafted file. (bsc#1049375)
- CVE-2017-11450: A remote denial of service in coders/jpeg.c was fixed (bsc#1049374)
- CVE-2017-11528: ReadDIBImage in coders/dib.c allows remote attackers to cause DoS via memory exhaustion (bsc#1050119)
- CVE-2017-11530: ReadEPTImage in coders/ept.c allows remote attackers to cause DoS via memory exhaustion (bsc#1050122)
- CVE-2017-11531: When ImageMagick processed a crafted file in convert, it could lead to a Memory Leak in the WriteHISTOGRAMImage() function in coders/histogram.c.
(bsc#1050126)
- CVE-2017-11533: A information leak by 1 byte due to heap-based buffer over-read in the WriteUILImage() in coders/uil.c was fixed (bsc#1050132)
- CVE-2017-11537: When ImageMagick processed a crafted file in convert, it can lead to a Floating Point Exception (FPE) in the WritePALMImage() function in coders/palm.c, related to an incorrect bits-per-pixel calculation. (bsc#1050048)
- CVE-2017-11638, CVE-2017-11642: A NULL pointer dereference in theWriteMAPImage() in coders/map.c was fixed which could lead to a crash (bsc#1050617)
- CVE-2017-12418: ImageMagick had memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c, related to the WriteImage function in MagickCore/constitute.c. (bsc#1052207)
- CVE-2017-12427: ProcessMSLScript coders/msl.c allowed remote attackers to cause a DoS (bsc#1052248)
- CVE-2017-12429: A memory exhaustion flaw in ReadMIFFImage in coders/miff.c was fixed, which allowed attackers to cause DoS (bsc#1052251)
- CVE-2017-12432: In ImageMagick, a memory exhaustion vulnerability was found in the function ReadPCXImage in coders/pcx.c, which allowed attackers to cause a denial of service. (bsc#1052254)
- CVE-2017-12566: A memory leak in ReadMVGImage in coders/mvg.c, could have allowed attackers to cause DoS (bsc#1052472)
- CVE-2017-12654: The ReadPICTImage function in coders/pict.c in ImageMagick allowed attackers to cause a denial of service (memory leak) via a crafted file.
(bsc#1052761)
- CVE-2017-12663: A memory leak in WriteMAPImage in coders/map.c was fixed that could lead to a DoS via memory exhaustion (bsc#1052754)
- CVE-2017-12664: ImageMagick had a memory leak vulnerability in WritePALMImage in coders/palm.c.
(bsc#1052750)
- CVE-2017-12665: ImageMagick had a memory leak vulnerability in WritePICTImage in coders/pict.c.
(bsc#1052747)
- CVE-2017-12668: ImageMagick had a memory leak vulnerability in WritePCXImage in coders/pcx.c.
(bsc#1052688)
- CVE-2017-12674: A CPU exhaustion in ReadPDBImage in coders/pdb.c was fixed, which allowed attackers to cause DoS (bsc#1052711)
- CVE-2017-13058: In ImageMagick, a memory leak vulnerability was found in the function WritePCXImage in coders/pcx.c, which allowed attackers to cause a denial of service via a crafted file. (bsc#1055069)
- CVE-2017-13131: A memory leak vulnerability was found in thefunction ReadMIFFImage in coders/miff.c, which allowed attackers tocause a denial of service (memory consumption in NewL (bsc#1055229)
- CVE-2017-14060: A NULL pointer Dereference issue in the ReadCUTImage function in coders/cut.c was fixed that could have caused a Denial of Service (bsc#1056768)
- CVE-2017-14139: A memory leak vulnerability in WriteMSLImage in coders/msl.c was fixed. (bsc#1057163)
- CVE-2017-14224: A heap-based buffer overflow in WritePCXImage in coders/pcx.c could lead to denial of service or code execution. (bsc#1058009)
- CVE-2017-17682: A large loop vulnerability was fixed in ExtractPostscript in coders/wpg.c, which allowed attackers to cause a denial of service (CPU exhaustion) (bsc#1072898)
- CVE-2017-17885: In ImageMagick, a memory leak vulnerability was found in the function ReadPICTImage in coders/pict.c, which allowed attackers to cause a denial of service via a crafted PICT image file. (bsc#1074119)
- CVE-2017-17934: A memory leak in the function MSLPopImage and ProcessMSLScript could have lead to a denial of service (bsc#1074170)
- CVE-2017-18028: A memory exhaustion in the function ReadTIFFImage in coders/tiff.c was fixed. (bsc#1076182)
- CVE-2018-5357: ImageMagick had memory leaks in the ReadDCMImage function in coders/dcm.c. (bsc#1075821)
- CVE-2018-6405: In the ReadDCMImage function in coders/dcm.c in ImageMagick, each redmap, greenmap, and bluemap variable can be overwritten by a new pointer.
The previous pointer is lost, which leads to a memory leak. This allowed remote attackers to cause a denial of service. (bsc#1078433)
Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
To install this SUSE Security Update use YaST online_update.Alternatively you can run the command listed for your product :
SUSE Linux Enterprise Workstation Extension 12-SP3:zypper in -t patch SUSE-SLE-WE-12-SP3-2018-391=1
SUSE Linux Enterprise Workstation Extension 12-SP2:zypper in -t patch SUSE-SLE-WE-12-SP2-2018-391=1
SUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t patch SUSE-SLE-SDK-12-SP3-2018-391=1
SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2018-391=1
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2018-391=1
SUSE Linux Enterprise Server 12-SP3:zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-391=1
SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2018-391=1
SUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2018-391=1
SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2018-391=1
To bring your system up-to-date, use 'zypper patch'.
See Also
https://www.suse.com/security/cve/CVE-2017-12668/
https://www.suse.com/security/cve/CVE-2017-12674/
https://www.suse.com/security/cve/CVE-2017-13058/
https://www.suse.com/security/cve/CVE-2017-13131/
https://www.suse.com/security/cve/CVE-2017-14060/
https://www.suse.com/security/cve/CVE-2017-14139/
https://www.suse.com/security/cve/CVE-2017-14224/
https://www.suse.com/security/cve/CVE-2017-17682/
https://www.suse.com/security/cve/CVE-2017-17885/
https://www.suse.com/security/cve/CVE-2017-17934/
https://bugzilla.suse.com/show_bug.cgi?id=1042824
https://bugzilla.suse.com/show_bug.cgi?id=1042911
https://bugzilla.suse.com/show_bug.cgi?id=1048110
https://bugzilla.suse.com/show_bug.cgi?id=1048272
https://bugzilla.suse.com/show_bug.cgi?id=1049374
https://bugzilla.suse.com/show_bug.cgi?id=1049375
https://bugzilla.suse.com/show_bug.cgi?id=1050048
https://bugzilla.suse.com/show_bug.cgi?id=1050119
https://bugzilla.suse.com/show_bug.cgi?id=1050122
https://bugzilla.suse.com/show_bug.cgi?id=1050126
https://bugzilla.suse.com/show_bug.cgi?id=1050132
https://bugzilla.suse.com/show_bug.cgi?id=1050617
https://bugzilla.suse.com/show_bug.cgi?id=1052207
https://bugzilla.suse.com/show_bug.cgi?id=1052248
https://bugzilla.suse.com/show_bug.cgi?id=1052251
https://bugzilla.suse.com/show_bug.cgi?id=1052254
https://bugzilla.suse.com/show_bug.cgi?id=1052472
https://bugzilla.suse.com/show_bug.cgi?id=1052688
https://bugzilla.suse.com/show_bug.cgi?id=1052711
https://bugzilla.suse.com/show_bug.cgi?id=1052747
https://bugzilla.suse.com/show_bug.cgi?id=1052750
https://bugzilla.suse.com/show_bug.cgi?id=1052754
https://bugzilla.suse.com/show_bug.cgi?id=1052761
https://bugzilla.suse.com/show_bug.cgi?id=1055069
https://bugzilla.suse.com/show_bug.cgi?id=1055229
https://bugzilla.suse.com/show_bug.cgi?id=1056768
https://bugzilla.suse.com/show_bug.cgi?id=1057163
https://bugzilla.suse.com/show_bug.cgi?id=1058009
https://bugzilla.suse.com/show_bug.cgi?id=1072898
https://bugzilla.suse.com/show_bug.cgi?id=1074119
https://bugzilla.suse.com/show_bug.cgi?id=1074170
https://bugzilla.suse.com/show_bug.cgi?id=1075821
https://bugzilla.suse.com/show_bug.cgi?id=1076182
https://www.suse.com/security/cve/CVE-2017-18028/
https://www.suse.com/security/cve/CVE-2017-9405/
https://www.suse.com/security/cve/CVE-2017-9407/
https://www.suse.com/security/cve/CVE-2018-5357/
https://www.suse.com/security/cve/CVE-2018-6405/
http://www.nessus.org/u?f1802ee9
https://bugzilla.suse.com/show_bug.cgi?id=1078433
https://www.suse.com/security/cve/CVE-2017-11166/
https://www.suse.com/security/cve/CVE-2017-11170/
https://www.suse.com/security/cve/CVE-2017-11448/
https://www.suse.com/security/cve/CVE-2017-11450/
https://www.suse.com/security/cve/CVE-2017-11528/
https://www.suse.com/security/cve/CVE-2017-11530/
https://www.suse.com/security/cve/CVE-2017-11531/
https://www.suse.com/security/cve/CVE-2017-11533/
https://www.suse.com/security/cve/CVE-2017-11537/
https://www.suse.com/security/cve/CVE-2017-11638/
https://www.suse.com/security/cve/CVE-2017-11642/
https://www.suse.com/security/cve/CVE-2017-12418/
https://www.suse.com/security/cve/CVE-2017-12427/
https://www.suse.com/security/cve/CVE-2017-12429/
https://www.suse.com/security/cve/CVE-2017-12432/
https://www.suse.com/security/cve/CVE-2017-12566/
https://www.suse.com/security/cve/CVE-2017-12654/
https://www.suse.com/security/cve/CVE-2017-12663/
Plugin Details
Severity: High
ID: 107116
File Name: suse_SU-2018-0581-1.nasl
Version: 3.4
Type: local
Agent: unix
Family: SuSE Local Security Checks
Published: 3/2/2018
Updated: 9/10/2019
Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: High
Base Score: 7.8
Temporal Score: 5.8
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C
CVSS v3
Risk Factor: High
Base Score: 8.8
Temporal Score: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: p-cpe:/a:novell:suse_linux:imagemagick-debuginfo, p-cpe:/a:novell:suse_linux:libmagickcore-6_q16, cpe:/o:novell:suse_linux:12, p-cpe:/a:novell:suse_linux:libmagickcore-6_q16-1, p-cpe:/a:novell:suse_linux:libmagickwand-6_q16-1-debuginfo, p-cpe:/a:novell:suse_linux:libmagick%2b%2b-6_q16, p-cpe:/a:novell:suse_linux:libmagickwand-6_q16, p-cpe:/a:novell:suse_linux:libmagickcore-6_q16-1-debuginfo, p-cpe:/a:novell:suse_linux:imagemagick, p-cpe:/a:novell:suse_linux:libmagick%2b%2b-6_q16-3-debuginfo, p-cpe:/a:novell:suse_linux:imagemagick-debugsource
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list
Exploit Ease: No known exploits are available
Patch Publication Date: 3/1/2018
Vulnerability Publication Date: 6/2/2017
Reference Information
CVE: CVE-2017-11166, CVE-2017-11170, CVE-2017-11448, CVE-2017-11450, CVE-2017-11528, CVE-2017-11530, CVE-2017-11531, CVE-2017-11533, CVE-2017-11537, CVE-2017-11638, CVE-2017-11642, CVE-2017-12418, CVE-2017-12427, CVE-2017-12429, CVE-2017-12432, CVE-2017-12566, CVE-2017-12654, CVE-2017-12663, CVE-2017-12664, CVE-2017-12665, CVE-2017-12668, CVE-2017-12674, CVE-2017-13058, CVE-2017-13131, CVE-2017-14060, CVE-2017-14139, CVE-2017-14224, CVE-2017-17682, CVE-2017-17885, CVE-2017-17934, CVE-2017-18028, CVE-2017-9405, CVE-2017-9407, CVE-2018-5357, CVE-2018-6405