Wind River Support Network

HomeDefectsLIN6-15015
Fixed

LIN6-15015 : Security Advisory - imagemagick - CVE-2018-16323

Created: Sep 16, 2018    Updated: Mar 8, 2020
Resolved Date: Mar 12, 2019
Found In Version: 6.0.0.37
Severity: Standard
Applicable for: Wind River Linux 6
Component/s: Userspace

Description

ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitialized when processing an XBM file that has a negative pixel value. If the affected code is used as a library loaded into a process that includes sensitive information, that information sometimes can be leaked via the image data.

https://nvd.nist.gov/vuln/detail/CVE-2018-16323
Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube