GraphicsMagick 1.3.26 is vulnerable to a memory information disclosure vulnerability found in the DescribeImage function of the magick/describe.c file, because of a heap-based buffer over-read. The portion of the code containing the vulnerability is responsible for printing the IPTC Profile information contained in the image. This vulnerability can be triggered with a specially crafted MIFF file. There is an out-of-bounds buffer dereference because certain increments are never checked.
{ "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro", "ubuntu_priority": "medium", "binaries": [ { "binary_name": "graphicsmagick", "binary_version": "1.3.18-1ubuntu3.1+esm4" }, { "binary_name": "graphicsmagick-dbg", "binary_version": "1.3.18-1ubuntu3.1+esm4" }, { "binary_name": "graphicsmagick-dbgsym", "binary_version": "1.3.18-1ubuntu3.1+esm4" }, { "binary_name": "graphicsmagick-imagemagick-compat", "binary_version": "1.3.18-1ubuntu3.1+esm4" }, { "binary_name": "graphicsmagick-libmagick-dev-compat", "binary_version": "1.3.18-1ubuntu3.1+esm4" }, { "binary_name": "libgraphics-magick-perl", "binary_version": "1.3.18-1ubuntu3.1+esm4" }, { "binary_name": "libgraphics-magick-perl-dbgsym", "binary_version": "1.3.18-1ubuntu3.1+esm4" }, { "binary_name": "libgraphicsmagick++1-dev", "binary_version": "1.3.18-1ubuntu3.1+esm4" }, { "binary_name": "libgraphicsmagick++1-dev-dbgsym", "binary_version": "1.3.18-1ubuntu3.1+esm4" }, { "binary_name": "libgraphicsmagick++3", "binary_version": "1.3.18-1ubuntu3.1+esm4" }, { "binary_name": "libgraphicsmagick++3-dbgsym", "binary_version": "1.3.18-1ubuntu3.1+esm4" }, { "binary_name": "libgraphicsmagick1-dev", "binary_version": "1.3.18-1ubuntu3.1+esm4" }, { "binary_name": "libgraphicsmagick1-dev-dbgsym", "binary_version": "1.3.18-1ubuntu3.1+esm4" }, { "binary_name": "libgraphicsmagick3", "binary_version": "1.3.18-1ubuntu3.1+esm4" }, { "binary_name": "libgraphicsmagick3-dbgsym", "binary_version": "1.3.18-1ubuntu3.1+esm4" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_name": "graphicsmagick", "binary_version": "1.3.23-1ubuntu0.4" }, { "binary_name": "graphicsmagick-dbg", "binary_version": "1.3.23-1ubuntu0.4" }, { "binary_name": "graphicsmagick-dbgsym", "binary_version": "1.3.23-1ubuntu0.4" }, { "binary_name": "graphicsmagick-imagemagick-compat", "binary_version": "1.3.23-1ubuntu0.4" }, { "binary_name": "graphicsmagick-libmagick-dev-compat", "binary_version": "1.3.23-1ubuntu0.4" }, { "binary_name": "libgraphics-magick-perl", "binary_version": "1.3.23-1ubuntu0.4" }, { "binary_name": "libgraphics-magick-perl-dbgsym", "binary_version": "1.3.23-1ubuntu0.4" }, { "binary_name": "libgraphicsmagick++-q16-12", "binary_version": "1.3.23-1ubuntu0.4" }, { "binary_name": "libgraphicsmagick++-q16-12-dbgsym", "binary_version": "1.3.23-1ubuntu0.4" }, { "binary_name": "libgraphicsmagick++1-dev", "binary_version": "1.3.23-1ubuntu0.4" }, { "binary_name": "libgraphicsmagick++1-dev-dbgsym", "binary_version": "1.3.23-1ubuntu0.4" }, { "binary_name": "libgraphicsmagick-q16-3", "binary_version": "1.3.23-1ubuntu0.4" }, { "binary_name": "libgraphicsmagick-q16-3-dbgsym", "binary_version": "1.3.23-1ubuntu0.4" }, { "binary_name": "libgraphicsmagick1-dev", "binary_version": "1.3.23-1ubuntu0.4" }, { "binary_name": "libgraphicsmagick1-dev-dbgsym", "binary_version": "1.3.23-1ubuntu0.4" } ] }