CVE-2016-8862

Priority
Description
The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick
before 7.0.3.3 allows remote attackers to have unspecified impact via a
crafted image, which triggers a memory allocation failure.
Notes
mdeslaurthe initial patch was incomplete and resulted in CVE-2016-8866
This is 0171-Lowered-max-map_length-to-prevent-an-overflow-271.patch
Package
Upstream:needs-triage
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was released [8:6.7.7.10-6ubuntu3.3])
Ubuntu 16.04 LTS (Xenial Xerus):released (8:6.8.9.9-7ubuntu5.3)
Patches:
Upstream:https://github.com/ImageMagick/ImageMagick/commit/aea6c6507f55632829e6432f8177a084a57c9fcc
Upstream:https://github.com/ImageMagick/ImageMagick/commit/ab2c9d6a8dd6d71b161ec9cc57a588b116b52322
More Information

Updated: 2019-12-05 18:46:32 UTC (commit dd38ff22974aae499eb50644b9d5a2817483cbdb)