CVE-2017-12434

Priority
Low
Description
In ImageMagick 7.0.6-1, a missing NULL check vulnerability was found in the
function ReadMATImage in coders/mat.c, which allows attackers to cause a
denial of service (assertion failure) in DestroyImageInfo in image.c.
References
Bugs
Notes
 mdeslaur> trusty and xenial don't have the same code path and don't
 mdeslaur> appear vulnerable.
 mdeslaur> 0103-assertion-failed-in-DestroyImageInfo.patch in unstable
 mdeslaur> 0088-assertion-failed-in-DestroyImageInfo.patch in stretch
Package
Upstream:released (8:6.9.7.4+dfsg-14)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):needed
Ubuntu 16.04 LTS (Xenial Xerus):needed
Ubuntu 17.04 (Zesty Zapus):ignored (reached end-of-life)
Ubuntu 17.10 (Artful Aardvark):not-affected (8:6.9.7.4+dfsg-16ubuntu2)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (8:6.9.7.4+dfsg-16ubuntu2)
Patches:
Upstream:https://github.com/ImageMagick/ImageMagick/commit/6767f31cac3eacdc9dc41b3193a73bdd37610375
More Information

Updated: 2018-01-15 13:24:47 UTC (commit 14005)