CVE-2018-6405

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2018-6405
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-6405.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2018-6405
Downstream
Related
Published
2018-01-30T21:29:00Z
Modified
2025-10-10T01:27:42.851700Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

In the ReadDCMImage function in coders/dcm.c in ImageMagick before 7.0.7-23, each redmap, greenmap, and bluemap variable can be overwritten by a new pointer. The previous pointer is lost, which leads to a memory leak. This allows remote attackers to cause a denial of service.

References

Affected packages

Git / github.com/imagemagick/imagemagick

Affected ranges

Type
GIT
Repo
https://github.com/imagemagick/imagemagick
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
3278fc22854db6236bcac95c963f0460b247a778
Type
GIT
Repo
https://github.com/imagemagick/imagemagick6
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
fe6c919ffe956a28087826073b3d533ee3b87ef6

Affected versions

6.*

6.9.4-0
6.9.4-1
6.9.4-10
6.9.4-2
6.9.4-3
6.9.4-4
6.9.4-5
6.9.4-6
6.9.4-7
6.9.4-8
6.9.4-9
6.9.5-0
6.9.5-1
6.9.5-10
6.9.5-2
6.9.5-3
6.9.5-4
6.9.5-5
6.9.5-6
6.9.5-7
6.9.5-8
6.9.5-9
6.9.6-0
6.9.6-1
6.9.6-2
6.9.6-3
6.9.6-4
6.9.6-5
6.9.6-6
6.9.6-7
6.9.6-8
6.9.7-0
6.9.7-1
6.9.7-10
6.9.7-2
6.9.7-3
6.9.7-4
6.9.7-5
6.9.7-6
6.9.7-7
6.9.7-8
6.9.7-9
6.9.8-0
6.9.8-1
6.9.8-10
6.9.8-2
6.9.8-3
6.9.8-4
6.9.8-5
6.9.8-6
6.9.8-7
6.9.8-8
6.9.8-9
6.9.9-0
6.9.9-1
6.9.9-10
6.9.9-11
6.9.9-12
6.9.9-13
6.9.9-14
6.9.9-15
6.9.9-17
6.9.9-18
6.9.9-19
6.9.9-2
6.9.9-20
6.9.9-21
6.9.9-22
6.9.9-23
6.9.9-24
6.9.9-25
6.9.9-26
6.9.9-27
6.9.9-28
6.9.9-29
6.9.9-3
6.9.9-30
6.9.9-31
6.9.9-32
6.9.9-33
6.9.9-34
6.9.9-4
6.9.9-5
6.9.9-6
6.9.9-7
6.9.9-8
6.9.9-9

7.*

7.0.1-0
7.0.1-1
7.0.1-10
7.0.1-2
7.0.1-3
7.0.1-4
7.0.1-5
7.0.1-6
7.0.1-7
7.0.1-8
7.0.1-9
7.0.2-0
7.0.2-1
7.0.2-10
7.0.2-2
7.0.2-3
7.0.2-4
7.0.2-5
7.0.2-6
7.0.2-7
7.0.2-8
7.0.2-9
7.0.3-0
7.0.3-1
7.0.3-10
7.0.3-2
7.0.3-3
7.0.3-4
7.0.3-5
7.0.3-6
7.0.3-7
7.0.3-8
7.0.3-9
7.0.4-0
7.0.4-1
7.0.4-10
7.0.4-2
7.0.4-3
7.0.4-4
7.0.4-5
7.0.4-6
7.0.4-7
7.0.4-8
7.0.4-9
7.0.5-0
7.0.5-1
7.0.5-10
7.0.5-2
7.0.5-3
7.0.5-4
7.0.5-5
7.0.5-6
7.0.5-7
7.0.5-8
7.0.5-9
7.0.6-0
7.0.6-1
7.0.6-2
7.0.6-3
7.0.6-4
7.0.6-5
7.0.6-6
7.0.6-7
7.0.6-8
7.0.6-9
7.0.7-0
7.0.7-1
7.0.7-10
7.0.7-11
7.0.7-12
7.0.7-13
7.0.7-14
7.0.7-15
7.0.7-16
7.0.7-17
7.0.7-18
7.0.7-19
7.0.7-2
7.0.7-20
7.0.7-21
7.0.7-22
7.0.7-3
7.0.7-4
7.0.7-5
7.0.7-6
7.0.7-8
7.0.7-9
7.0.7.7

Database specific 

{
    "vanir_signatures": [
        {
            "id": "CVE-2018-6405-237ab371",
            "digest": {
                "length": 4165.0,
                "function_hash": "174549838093824963011606393577566324275"
            },
            "target": {
                "function": "FxOperatorPrecedence",
                "file": "MagickCore/fx.c"
            },
            "source": "https://github.com/imagemagick/imagemagick/commit/3278fc22854db6236bcac95c963f0460b247a778",
            "signature_version": "v1",
            "deprecated": false,
            "signature_type": "Function"
        },
        {
            "id": "CVE-2018-6405-a9c33d10",
            "digest": {
                "line_hashes": [
                    "7368723730650628299495536989707392415",
                    "38444483134926382049006828137605767340",
                    "181324996052434100112521657381919597484",
                    "202665483238523151720625381698885187292",
                    "163248604037358845186522867964271043970"
                ],
                "threshold": 0.9
            },
            "target": {
                "file": "coders/sixel.c"
            },
            "source": "https://github.com/imagemagick/imagemagick/commit/3278fc22854db6236bcac95c963f0460b247a778",
            "signature_version": "v1",
            "deprecated": false,
            "signature_type": "Line"
        },
        {
            "id": "CVE-2018-6405-ac92c3c2",
            "digest": {
                "length": 635.0,
                "function_hash": "216164064737174095701038092019725948622"
            },
            "target": {
                "function": "get_params",
                "file": "coders/sixel.c"
            },
            "source": "https://github.com/imagemagick/imagemagick/commit/3278fc22854db6236bcac95c963f0460b247a778",
            "signature_version": "v1",
            "deprecated": false,
            "signature_type": "Function"
        },
        {
            "id": "CVE-2018-6405-c547ceea",
            "digest": {
                "line_hashes": [
                    "14506741143791144854337711429724104819",
                    "259734791683846731672426035649556009981",
                    "34434602777197909828372166031083835547",
                    "320749183341654163787140637683923139753",
                    "219775680239919231027252668851838505937",
                    "121167628359434047203577183612862842065",
                    "96090577654565114165740927246950460438",
                    "36067022126598229402898403854917983440",
                    "108248970347698439430189627981118170116",
                    "60245068343414080660929639926030497231",
                    "187163405868859656044173062068664167660",
                    "91156981420042806155067768320631623148"
                ],
                "threshold": 0.9
            },
            "target": {
                "file": "MagickCore/fx.c"
            },
            "source": "https://github.com/imagemagick/imagemagick/commit/3278fc22854db6236bcac95c963f0460b247a778",
            "signature_version": "v1",
            "deprecated": false,
            "signature_type": "Line"
        }
    ]
}