CVE-2017-9501

In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function LockSemaphoreInfo, which allows attackers to cause a denial of service via a crafted file.

References

Affected packages

Git / github.com/imagemagick/imagemagick

Affected ranges

Type: GIT
Repo: https://github.com/imagemagick/imagemagick
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

01843366d6a7b96e22ad7bb67f3df7d9fd4d5d74

Database specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 4538.0,
                "function_hash": "184576522524342560105861870119388060830"
            },
            "signature_type": "Function",
            "signature_version": "v1",
            "id": "CVE-2017-9501-de5de045",
            "deprecated": false,
            "target": {
                "file": "magick/image.c",
                "function": "CloneImage"
            },
            "source": "https://github.com/imagemagick/imagemagick/commit/01843366d6a7b96e22ad7bb67f3df7d9fd4d5d74"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "104448501572011206896564557131134130789",
                    "276403129837140639907468851443669130507",
                    "205074535407421944845506479513006542808",
                    "250252235955500537231283821405916530126"
                ]
            },
            "signature_type": "Line",
            "signature_version": "v1",
            "id": "CVE-2017-9501-edbfffcf",
            "deprecated": false,
            "target": {
                "file": "magick/image.c"
            },
            "source": "https://github.com/imagemagick/imagemagick/commit/01843366d6a7b96e22ad7bb67f3df7d9fd4d5d74"
        }
    ]
}