Description
The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick
before 7.0.3.3 allows remote attackers to have unspecified impact via a
crafted image, which triggers a memory allocation failure.
Notes
mdeslaur | the initial patch was incomplete and resulted in CVE-2016-8866
This is 0171-Lowered-max-map_length-to-prevent-an-overflow-271.patch |
Package
Upstream: | needs-triage
|
Ubuntu 14.04 ESM (Trusty Tahr): | DNE
(trusty was released [8:6.7.7.10-6ubuntu3.3])
|
Ubuntu 16.04 LTS (Xenial Xerus): | released
(8:6.8.9.9-7ubuntu5.3)
|
Patches:
Updated: 2019-12-05 18:46:32 UTC (commit dd38ff22974aae499eb50644b9d5a2817483cbdb)