openSUSE Security Update : ImageMagick (openSUSE-2021-136)

high Nessus Plugin ID 145361

Language:

Synopsis

The remote openSUSE host is missing a security update.

Description

This update for ImageMagick fixes the following issues :

- CVE-2020-19667: Fixed a stack-based buffer overflow in XPM coder could result in a crash (bsc#1179103).

- CVE-2020-25664: Fixed a heap-based buffer overflow in PopShortPixel (bsc#1179202).

- CVE-2020-25665: Fixed a heap-based buffer overflow in WritePALMImage (bsc#1179208).

- CVE-2020-25666: Fixed an outside the range of representable values of type 'int' and signed integer overflow (bsc#1179212).

- CVE-2020-25674: Fixed a heap-based buffer overflow in WriteOnePNGImage (bsc#1179223).

- CVE-2020-25675: Fixed an outside the range of representable values of type 'long' and integer overflow (bsc#1179240).

- CVE-2020-25676: Fixed an outside the range of representable values of type 'long' and integer overflow at MagickCore/pixel.c (bsc#1179244).

- CVE-2020-27750: Fixed a division by zero in MagickCore/colorspace-private.h (bsc#1179260).

- CVE-2020-27751: Fixed an integer overflow in MagickCore/quantum-export.c (bsc#1179269).

- CVE-2020-27752: Fixed a heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h (bsc#1179346).

- CVE-2020-27753: Fixed memory leaks in AcquireMagickMemory function (bsc#1179397).

- CVE-2020-27754: Fixed an outside the range of representable values of type 'long' and signed integer overflow at MagickCore/quantize.c (bsc#1179336).

- CVE-2020-27755: Fixed memory leaks in ResizeMagickMemory function in ImageMagick/MagickCore/memory.c (bsc#1179345).

- CVE-2020-27756: Fixed a division by zero at MagickCore/geometry.c (bsc#1179221).

- CVE-2020-27757: Fixed an outside the range of representable values of type 'unsigned long long' at MagickCore/quantum-private.h (bsc#1179268).

- CVE-2020-27758: Fixed an outside the range of representable values of type 'unsigned long long' (bsc#1179276).

- CVE-2020-27759: Fixed an outside the range of representable values of type 'int' at MagickCore/quantize.c (bsc#1179313).

- CVE-2020-27760: Fixed a division by zero at MagickCore/enhance.c (bsc#1179281).

- CVE-2020-27761: Fixed an outside the range of representable values of type 'unsigned long' at coders/palm.c (bsc#1179315).

- CVE-2020-27762: Fixed an outside the range of representable values of type 'unsigned char' (bsc#1179278).

- CVE-2020-27763: Fixed a division by zero at MagickCore/resize.c (bsc#1179312).

- CVE-2020-27764: Fixed an outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c (bsc#1179317).

- CVE-2020-27765: Fixed a division by zero at MagickCore/segment.c (bsc#1179311).

- CVE-2020-27766: Fixed an outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c (bsc#1179361).

- CVE-2020-27767: Fixed an outside the range of representable values of type 'float' at MagickCore/quantum.h (bsc#1179322).

- CVE-2020-27768: Fixed an outside the range of representable values of type 'unsigned int' at MagickCore/quantum-private.h (bsc#1179339).

- CVE-2020-27769: Fixed an outside the range of representable values of type 'float' at MagickCore/quantize.c (bsc#1179321).

- CVE-2020-27770: Fixed an unsigned offset overflowed at MagickCore/string.c (bsc#1179343).

- CVE-2020-27771: Fixed an outside the range of representable values of type 'unsigned char' at coders/pdf.c (bsc#1179327).

- CVE-2020-27772: Fixed an outside the range of representable values of type 'unsigned int' at coders/bmp.c (bsc#1179347).

- CVE-2020-27773: Fixed a division by zero at MagickCore/gem-private.h (bsc#1179285).

- CVE-2020-27774: Fixed an integer overflow at MagickCore/statistic.c (bsc#1179333).

- CVE-2020-27775: Fixed an outside the range of representable values of type 'unsigned char' at MagickCore/quantum.h (bsc#1179338).

- CVE-2020-27776: Fixed an outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c (bsc#1179362).

- CVE-2020-29599: Fixed a shell command injection in
-authenticate (bsc#1179753).

This update was imported from the SUSE:SLE-15:Update update project.

Solution

Update the affected ImageMagick packages.

Plugin Details

Severity: High

ID: 145361

File Name: openSUSE-2021-136.nasl

Version: 1.3

Type: local

Agent: unix

Family: SuSE Local Security Checks

Published: 1/25/2021

Updated: 1/26/2024

Supported Sensors: Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2020-29599

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:libmagickcore-7_q16hdri6, p-cpe:/a:novell:opensuse:perl-perlmagick-debuginfo, p-cpe:/a:novell:opensuse:imagemagick-devel, p-cpe:/a:novell:opensuse:imagemagick-extra, p-cpe:/a:novell:opensuse:libmagick%2b%2b-devel, p-cpe:/a:novell:opensuse:libmagick%2b%2b-7_q16hdri4-debuginfo, p-cpe:/a:novell:opensuse:imagemagick, p-cpe:/a:novell:opensuse:libmagickwand-7_q16hdri6-32bit, p-cpe:/a:novell:opensuse:imagemagick-config-7-upstream, p-cpe:/a:novell:opensuse:libmagickcore-7_q16hdri6-32bit-debuginfo, p-cpe:/a:novell:opensuse:libmagickcore-7_q16hdri6-debuginfo, p-cpe:/a:novell:opensuse:libmagickwand-7_q16hdri6, p-cpe:/a:novell:opensuse:libmagick%2b%2b-7_q16hdri4-32bit, p-cpe:/a:novell:opensuse:imagemagick-debuginfo, p-cpe:/a:novell:opensuse:perl-perlmagick, cpe:/o:novell:opensuse:15.2, p-cpe:/a:novell:opensuse:libmagick%2b%2b-7_q16hdri4, p-cpe:/a:novell:opensuse:imagemagick-devel-32bit, p-cpe:/a:novell:opensuse:libmagick%2b%2b-7_q16hdri4-32bit-debuginfo, p-cpe:/a:novell:opensuse:imagemagick-config-7-suse, p-cpe:/a:novell:opensuse:libmagickcore-7_q16hdri6-32bit, p-cpe:/a:novell:opensuse:libmagick%2b%2b-devel-32bit, p-cpe:/a:novell:opensuse:libmagickwand-7_q16hdri6-debuginfo, p-cpe:/a:novell:opensuse:libmagickwand-7_q16hdri6-32bit-debuginfo, p-cpe:/a:novell:opensuse:imagemagick-extra-debuginfo, p-cpe:/a:novell:opensuse:imagemagick-debugsource

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 1/22/2021

Vulnerability Publication Date: 11/20/2020

Reference Information

CVE: CVE-2020-19667, CVE-2020-25664, CVE-2020-25665, CVE-2020-25666, CVE-2020-25674, CVE-2020-25675, CVE-2020-25676, CVE-2020-27750, CVE-2020-27751, CVE-2020-27752, CVE-2020-27753, CVE-2020-27754, CVE-2020-27755, CVE-2020-27756, CVE-2020-27757, CVE-2020-27758, CVE-2020-27759, CVE-2020-27760, CVE-2020-27761, CVE-2020-27762, CVE-2020-27763, CVE-2020-27764, CVE-2020-27765, CVE-2020-27766, CVE-2020-27767, CVE-2020-27768, CVE-2020-27769, CVE-2020-27770, CVE-2020-27771, CVE-2020-27772, CVE-2020-27773, CVE-2020-27774, CVE-2020-27775, CVE-2020-27776, CVE-2020-29599

Detections

Analytics