The QuantumTransferMode function in coders/tiff.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a small samples per pixel value in a CMYKA TIFF file.
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "binary_version": "1.3.23-1ubuntu0.2", "binary_name": "graphicsmagick" }, { "binary_version": "1.3.23-1ubuntu0.2", "binary_name": "graphicsmagick-dbg" }, { "binary_version": "1.3.23-1ubuntu0.2", "binary_name": "graphicsmagick-dbgsym" }, { "binary_version": "1.3.23-1ubuntu0.2", "binary_name": "graphicsmagick-imagemagick-compat" }, { "binary_version": "1.3.23-1ubuntu0.2", "binary_name": "graphicsmagick-libmagick-dev-compat" }, { "binary_version": "1.3.23-1ubuntu0.2", "binary_name": "libgraphics-magick-perl" }, { "binary_version": "1.3.23-1ubuntu0.2", "binary_name": "libgraphics-magick-perl-dbgsym" }, { "binary_version": "1.3.23-1ubuntu0.2", "binary_name": "libgraphicsmagick++-q16-12" }, { "binary_version": "1.3.23-1ubuntu0.2", "binary_name": "libgraphicsmagick++-q16-12-dbgsym" }, { "binary_version": "1.3.23-1ubuntu0.2", "binary_name": "libgraphicsmagick++1-dev" }, { "binary_version": "1.3.23-1ubuntu0.2", "binary_name": "libgraphicsmagick++1-dev-dbgsym" }, { "binary_version": "1.3.23-1ubuntu0.2", "binary_name": "libgraphicsmagick-q16-3" }, { "binary_version": "1.3.23-1ubuntu0.2", "binary_name": "libgraphicsmagick-q16-3-dbgsym" }, { "binary_version": "1.3.23-1ubuntu0.2", "binary_name": "libgraphicsmagick1-dev" }, { "binary_version": "1.3.23-1ubuntu0.2", "binary_name": "libgraphicsmagick1-dev-dbgsym" } ] }