New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CVE-2017-14175: denial of service (DoS) issue in ReadXBMImage():345 in coders/xbm.c #712
Comments
|
Thanks for the problem report. We can reproduce it and will have a patch to fix it in GIT master branch @ https://github.com/ImageMagick/ImageMagick later today. The patch will be available in the beta releases of ImageMagick @ https://www.imagemagick.org/download/beta/ by sometime tomorrow. |
|
Can we request a CVE ID for this issue? |
|
Yes, request a CVE. |
|
I mean can we request a CVE ID from you, or do we have to get one from MITRE? |
|
We don't issue CVE's. |
|
OK. I see. |
|
This is CVE-2017-14175. |
Hello all.
We found a denial of service (DoS) issue in Imagemagick-7.0.6-1 Q16 x86_64, which can cause huge CPU and memory consumption.
These issues are quite similar to the bugs we have found in GraphicsMagick (CVE-2017-13775, CVE-2017-13776 and CVE-2017-13777).
The vulnerable code is shown as below.
A crafted XBM image file, which claims large image->rows and image->columns but does not contain sufficient backing data, would cause a large and heavy loop at line 345 since there is no EOF check inside.
PoC: https://github.com/shqking/imagemagick-poc/blob/master/x_xbm_poc.xbm
The command we was using is
convert x_xbm_poc.xbm test.jpgIn our tests we used a machine with Intel(R) Xeon(R) CPU E5-2680 v3 @ 2.50GHz, 4 CPU cores and 16GB RAM.
This issue caused 100% CPU and up to 4GB memory consumption.
Note that this process lasted for more than 7 minutes.
Note that this issue was found by Xiaohei and Wangchu from Alibaba Security Team.
The text was updated successfully, but these errors were encountered: