PublicDateAtUSN: 2020-12-08 22:15:00 UTC
Candidate: CVE-2020-25675
PublicDate: 2020-12-08 22:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25675
 https://ubuntu.com/security/notices/USN-4988-1
Description:
 In the CropImage() and CropImageToTiles() routines of
 MagickCore/transform.c, rounding calculations performed on unconstrained
 pixel offsets was causing undefined behavior in the form of integer
 overflow and out-of-range values as reported by UndefinedBehaviorSanitizer.
 Such issues could cause a negative impact to application availability or
 other problems related to undefined behavior, in cases where ImageMagick
 processes untrusted input data. The upstream patch introduces functionality
 to constrain the pixel offsets and prevent these issues. This flaw affects
 ImageMagick versions prior to 7.0.9-0.
Ubuntu-Description:
Notes:
Mitigation:
Bugs:
 https://github.com/ImageMagick/ImageMagick/issues/1731
Priority: low
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L [3.3 LOW]


Patches_imagemagick:
 upstream: https://github.com/ImageMagick/ImageMagick6/commit/6b169173585127299f4724f7880b575879c7f033
upstream_imagemagick: released (8:6.9.11.24+dfsg-1)
precise/esm_imagemagick: DNE
trusty_imagemagick: ignored (out of standard support)
trusty/esm_imagemagick: DNE
xenial_imagemagick: ignored (end of standard support, was needs-triage)
esm-infra/xenial_imagemagick: needs-triage
bionic_imagemagick: released (8:6.9.7.4+dfsg-16ubuntu6.11)
focal_imagemagick: released (8:6.9.10.23+dfsg-2.1ubuntu11.4)
groovy_imagemagick: released (8:6.9.10.23+dfsg-2.1ubuntu13.3)
hirsute_imagemagick: not-affected (8:6.9.11.60+dfsg-1ubuntu1)
impish_imagemagick: not-affected (8:6.9.11.60+dfsg-1ubuntu1)
jammy_imagemagick: not-affected (8:6.9.11.60+dfsg-1ubuntu1)
devel_imagemagick: not-affected (8:6.9.11.60+dfsg-1ubuntu1)