CVE-2018-16644

There is a missing check for length in the functions ReadDCMImage of coders/dcm.c and ReadPICTImage of coders/pict.c in ImageMagick 7.0.8-11, which allows remote attackers to cause a denial of service via a crafted image.

References

Affected packages

Git / github.com/imagemagick/imagemagick

Affected ranges

Type: GIT
Repo: https://github.com/imagemagick/imagemagick
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

16916c8979c32765c542e216b31cee2671b7afe7

Fixed

afa878a689870c28b6994ecf3bb8dbfb2b76d135

Affected versions

7.*

7.0.1-0

7.0.1-1

7.0.1-10

7.0.1-2

7.0.1-3

7.0.1-4

7.0.1-5

7.0.1-6

7.0.1-7

7.0.1-8

7.0.1-9

7.0.2-0

7.0.2-1

7.0.2-10

7.0.2-2

7.0.2-3

7.0.2-4

7.0.2-5

7.0.2-6

7.0.2-7

7.0.2-8

7.0.2-9

7.0.3-0

7.0.3-1

7.0.3-10

7.0.3-2

7.0.3-3

7.0.3-4

7.0.3-5

7.0.3-6

7.0.3-7

7.0.3-8

7.0.3-9

7.0.4-0

7.0.4-1

7.0.4-10

7.0.4-2

7.0.4-3

7.0.4-4

7.0.4-5

7.0.4-6

7.0.4-7

7.0.4-8

7.0.4-9

7.0.5-0

7.0.5-1

7.0.5-10

7.0.5-2

7.0.5-3

7.0.5-4

7.0.5-5

7.0.5-6

7.0.5-7

7.0.5-8

7.0.5-9

7.0.6-0

7.0.6-1

7.0.6-2

7.0.6-3

7.0.6-4

7.0.6-5

7.0.6-6

7.0.6-7

7.0.6-8

7.0.6-9

7.0.7-0

7.0.7-1

7.0.7-10

7.0.7-11

7.0.7-12

7.0.7-13

7.0.7-14

7.0.7-15

7.0.7-16

7.0.7-17

7.0.7-18

7.0.7-19

7.0.7-2

7.0.7-20

7.0.7-21

7.0.7-22

7.0.7-23

7.0.7-24

7.0.7-25

7.0.7-26

7.0.7-27

7.0.7-28

7.0.7-29

7.0.7-3

7.0.7-30

7.0.7-31

7.0.7-32

7.0.7-33

7.0.7-34

7.0.7-35

7.0.7-36

7.0.7-37

7.0.7-38

7.0.7-39

7.0.7-4

7.0.7-5

7.0.7-6

7.0.7-8

7.0.7-9

7.0.7.7

7.0.8-0

7.0.8-1

7.0.8-10

7.0.8-2

7.0.8-3

7.0.8-4

7.0.8-5

7.0.8-6

7.0.8-7

7.0.8-8

7.0.8-9

Database specific

vanir_signatures

[
    {
        "id": "CVE-2018-16644-151fd89c",
        "deprecated": false,
        "digest": {
            "length": 27685.0,
            "function_hash": "216344764721089435425809697740891896637"
        },
        "target": {
            "file": "coders/dcm.c",
            "function": "ReadDCMImage"
        },
        "source": "https://github.com/imagemagick/imagemagick/commit/16916c8979c32765c542e216b31cee2671b7afe7",
        "signature_version": "v1",
        "signature_type": "Function"
    },
    {
        "id": "CVE-2018-16644-2dcbff7c",
        "deprecated": false,
        "digest": {
            "line_hashes": [
                "282532765129590003694466301263899582732",
                "28575460015977794251610399265088909547",
                "217428959336495974744478309101155832700",
                "91983129253813061800588339833023037686",
                "37483863734739795505907049196586496695",
                "55601521399508558922552616954761080836",
                "222108361130992487661678340231729585411",
                "45267993873415893655198510725235563523",
                "102861351974321239463654041454065620485",
                "230821806491836518422991815357813878619",
                "315261130184466075111194072546714799232",
                "12916301218640047330922904718861499059",
                "111257503344439224121001840319533509963",
                "112100833970445811542922415959476143205",
                "335062944483755306039754672033561531573",
                "234530208679493171825701544464978158847",
                "161688064976702416054686415126221409005",
                "327824439739758784225876323002098557415",
                "335062944483755306039754672033561531573",
                "234530208679493171825701544464978158847",
                "171282357923086536838539842662062027402",
                "309104253251563304176823317934882032628",
                "235383814969330485333753363194890716155",
                "302836472018851990782674805463554345027",
                "205389503708690087342682217076531245574",
                "335375314649863373442602802043992734059",
                "141330677716083687253799837651004802193",
                "241603333444238604478965794023226202297",
                "112957699429535062050344174691128768070",
                "43205081347224939791448762780325004508",
                "295765431739850849530213121397589924738",
                "66636134402260882666810542486448256827",
                "30716425759604132704142046334492865436",
                "247883289141306761883263428253879634356",
                "183025716017305886973560224867389431433",
                "34483684178405649285224538896685681856"
            ],
            "threshold": 0.9
        },
        "target": {
            "file": "coders/pict.c"
        },
        "source": "https://github.com/imagemagick/imagemagick/commit/afa878a689870c28b6994ecf3bb8dbfb2b76d135",
        "signature_version": "v1",
        "signature_type": "Line"
    },
    {
        "id": "CVE-2018-16644-3eded309",
        "deprecated": false,
        "digest": {
            "line_hashes": [
                "196241113006705054470804958438605567720",
                "263961331765887318856875363007917119891",
                "126978134994261841828292926358304326723",
                "156422671895451978979885945500638271676"
            ],
            "threshold": 0.9
        },
        "target": {
            "file": "coders/dcm.c"
        },
        "source": "https://github.com/imagemagick/imagemagick/commit/16916c8979c32765c542e216b31cee2671b7afe7",
        "signature_version": "v1",
        "signature_type": "Line"
    },
    {
        "id": "CVE-2018-16644-e82b9979",
        "deprecated": false,
        "digest": {
            "length": 15934.0,
            "function_hash": "325129785612070796534989567550768104245"
        },
        "target": {
            "file": "coders/pict.c",
            "function": "ReadPICTImage"
        },
        "source": "https://github.com/imagemagick/imagemagick/commit/afa878a689870c28b6994ecf3bb8dbfb2b76d135",
        "signature_version": "v1",
        "signature_type": "Function"
    }
]