GraphicsMagick 1.3.26 is vulnerable to a memory information disclosure vulnerability found in the DescribeImage function of the magick/describe.c file, because of a heap-based buffer over-read. The portion of the code containing the vulnerability is responsible for printing the IPTC Profile information contained in the image. This vulnerability can be triggered with a specially crafted MIFF file. There is an out-of-bounds buffer dereference because certain increments are never checked.
{ "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "1.3.18-1ubuntu3.1+esm4", "binary_name": "graphicsmagick" }, { "binary_version": "1.3.18-1ubuntu3.1+esm4", "binary_name": "graphicsmagick-dbg" }, { "binary_version": "1.3.18-1ubuntu3.1+esm4", "binary_name": "graphicsmagick-dbgsym" }, { "binary_version": "1.3.18-1ubuntu3.1+esm4", "binary_name": "graphicsmagick-imagemagick-compat" }, { "binary_version": "1.3.18-1ubuntu3.1+esm4", "binary_name": "graphicsmagick-libmagick-dev-compat" }, { "binary_version": "1.3.18-1ubuntu3.1+esm4", "binary_name": "libgraphics-magick-perl" }, { "binary_version": "1.3.18-1ubuntu3.1+esm4", "binary_name": "libgraphics-magick-perl-dbgsym" }, { "binary_version": "1.3.18-1ubuntu3.1+esm4", "binary_name": "libgraphicsmagick++1-dev" }, { "binary_version": "1.3.18-1ubuntu3.1+esm4", "binary_name": "libgraphicsmagick++1-dev-dbgsym" }, { "binary_version": "1.3.18-1ubuntu3.1+esm4", "binary_name": "libgraphicsmagick++3" }, { "binary_version": "1.3.18-1ubuntu3.1+esm4", "binary_name": "libgraphicsmagick++3-dbgsym" }, { "binary_version": "1.3.18-1ubuntu3.1+esm4", "binary_name": "libgraphicsmagick1-dev" }, { "binary_version": "1.3.18-1ubuntu3.1+esm4", "binary_name": "libgraphicsmagick1-dev-dbgsym" }, { "binary_version": "1.3.18-1ubuntu3.1+esm4", "binary_name": "libgraphicsmagick3" }, { "binary_version": "1.3.18-1ubuntu3.1+esm4", "binary_name": "libgraphicsmagick3-dbgsym" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "1.3.23-1ubuntu0.4", "binary_name": "graphicsmagick" }, { "binary_version": "1.3.23-1ubuntu0.4", "binary_name": "graphicsmagick-dbg" }, { "binary_version": "1.3.23-1ubuntu0.4", "binary_name": "graphicsmagick-dbgsym" }, { "binary_version": "1.3.23-1ubuntu0.4", "binary_name": "graphicsmagick-imagemagick-compat" }, { "binary_version": "1.3.23-1ubuntu0.4", "binary_name": "graphicsmagick-libmagick-dev-compat" }, { "binary_version": "1.3.23-1ubuntu0.4", "binary_name": "libgraphics-magick-perl" }, { "binary_version": "1.3.23-1ubuntu0.4", "binary_name": "libgraphics-magick-perl-dbgsym" }, { "binary_version": "1.3.23-1ubuntu0.4", "binary_name": "libgraphicsmagick++-q16-12" }, { "binary_version": "1.3.23-1ubuntu0.4", "binary_name": "libgraphicsmagick++-q16-12-dbgsym" }, { "binary_version": "1.3.23-1ubuntu0.4", "binary_name": "libgraphicsmagick++1-dev" }, { "binary_version": "1.3.23-1ubuntu0.4", "binary_name": "libgraphicsmagick++1-dev-dbgsym" }, { "binary_version": "1.3.23-1ubuntu0.4", "binary_name": "libgraphicsmagick-q16-3" }, { "binary_version": "1.3.23-1ubuntu0.4", "binary_name": "libgraphicsmagick-q16-3-dbgsym" }, { "binary_version": "1.3.23-1ubuntu0.4", "binary_name": "libgraphicsmagick1-dev" }, { "binary_version": "1.3.23-1ubuntu0.4", "binary_name": "libgraphicsmagick1-dev-dbgsym" } ] }