ReadRLEImage in coders/rle.c in GraphicsMagick 1.3.26 mishandles RLE headers that specify too few colors, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "graphicsmagick": "1.3.23-1ubuntu0.4", "graphicsmagick-dbg": "1.3.23-1ubuntu0.4", "libgraphicsmagick++1-dev": "1.3.23-1ubuntu0.4", "graphicsmagick-libmagick-dev-compat": "1.3.23-1ubuntu0.4", "libgraphicsmagick1-dev": "1.3.23-1ubuntu0.4", "graphicsmagick-dbgsym": "1.3.23-1ubuntu0.4", "libgraphicsmagick1-dev-dbgsym": "1.3.23-1ubuntu0.4", "graphicsmagick-imagemagick-compat": "1.3.23-1ubuntu0.4", "libgraphicsmagick-q16-3-dbgsym": "1.3.23-1ubuntu0.4", "libgraphics-magick-perl": "1.3.23-1ubuntu0.4", "libgraphics-magick-perl-dbgsym": "1.3.23-1ubuntu0.4", "libgraphicsmagick++-q16-12": "1.3.23-1ubuntu0.4", "libgraphicsmagick++-q16-12-dbgsym": "1.3.23-1ubuntu0.4", "libgraphicsmagick++1-dev-dbgsym": "1.3.23-1ubuntu0.4", "libgraphicsmagick-q16-3": "1.3.23-1ubuntu0.4" } ] }