Wind River Support Network

HomeDefectsLIN9-7407

Fixed

LIN9-7407 : Security Advisory - imagemagick - CVE-2018-15607

Created: Aug 31, 2018 Updated: Nov 6, 2018

Resolved Date: Oct 31, 2018

Found In Version: 9.0.0.17

Fix Version: 9.0.0.19

Severity: Standard

Applicable for: Wind River Linux 9

Component/s: Userspace

Description

In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x36 0x4c 0x36 0x38 0x36 0x36 0x36 0x36 0x36 0x36 0x1f 0x35 0x50 0x00 can result in a hang of several minutes during which CPU and memory resources are consumed until ultimately an attempted large memory allocation fails. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.

https://nvd.nist.gov/vuln/detail/CVE-2018-15607

Other Downloads

Wind River Linux 9.0.0.19
Wind River Linux 9.0.0.20
Wind River Linux 9.0.0.21
Wind River Linux 9.0.0.22
Wind River Linux 9.0.0.23
Wind River Linux 9.0.0.24
Wind River Linux 9.0.0.25
Wind River Linux 9.0.0.26

CVEs

CVE-2018-15607