Wind River Support Network

HomeDefectsLIN9-5791

Fixed

LIN9-5791 : Security Advisory - imagemagick - CVE-2017-16546

Created: Nov 13, 2017 Updated: Dec 3, 2018

Resolved Date: Nov 29, 2017

Found In Version: 9.0.0.12

Fix Version: 9.0.0.13

Severity: Standard

Applicable for: Wind River Linux 9

Component/s: Userspace

Description

The ReadWPGImage function in coders/wpg.c in ImageMagick 7.0.7-9 does not properly validate the colormap index in a WPG palette, which allows remote attackers to cause a denial of service (use of uninitialized data or invalid memory allocation) or possibly have unspecified other impact via a malformed WPG file.

https://nvd.nist.gov/vuln/detail/CVE-2017-16546

Other Downloads

Wind River Linux 9.0.0.13
Wind River Linux 9.0.0.14
Wind River Linux 9.0.0.15
Wind River Linux 9.0.0.16
Wind River Linux 9.0.0.17
Wind River Linux 9.0.0.18
Wind River Linux 9.0.0.19
Wind River Linux 9.0.0.20
Wind River Linux 9.0.0.21
Wind River Linux 9.0.0.22
Wind River Linux 9.0.0.23
Wind River Linux 9.0.0.24
Wind River Linux 9.0.0.25
Wind River Linux 9.0.0.26

CVEs

CVE-2017-16546