CVE-2017-12674 in Ubuntu

CVE-2017-12674 (retired)

Priority

Description

In ImageMagick 7.0.6-2, a CPU exhaustion vulnerability was found in the
function ReadPDBImage in coders/pdb.c, which allows attackers to cause a
denial of service.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12674
https://usn.ubuntu.com/usn/usn-3681-1

Bugs

https://github.com/ImageMagick/ImageMagick/issues/604
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=872609

Notes

mdeslaur> 0286-CVE-2017-12674-Fix-CPU-exhaustion-in-ReadPDBImage.patch in wheezy

Package

Source: imagemagick (LP Ubuntu Debian)

Upstream:	released (8:6.9.9.34+dfsg-1)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	released (8:6.8.9.9-7ubuntu5.11)
Ubuntu 18.04 LTS (Bionic Beaver):	released (8:6.9.7.4+dfsg-16ubuntu6.2)

Patches:

Upstream:

https://github.com/ImageMagick/ImageMagick/commit/5a91708c6b70bd4e3d2b931465307e0aeababb3c

More Information

Mitre
NVD
Launchpad
Debian

Updated: 2019-08-23 09:13:15 UTC (commit 436fd4ed4cf0038ddd382cb8649607ace163dda7)