UBUNTU-CVE-2020-27755
See a problem?- Source
- https://ubuntu.com/security/notices/UBUNTU-CVE-2020-27755
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2020/UBUNTU-CVE-2020-27755.json
- JSON Data
- https://api.osv.dev/v1/vulns/UBUNTU-CVE-2020-27755
- Related
- Published
- 2020-12-08T22:15:00Z
- Modified
- 2020-12-08T22:15:00Z
- Severity
-
- 3.3 (Low) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVSS Calculator
- Summary
- [none]
- Details
-
in SetImageExtent() of /MagickCore/image.c, an incorrect image depth size can cause a memory leak because the code which checks for the proper image depth size does not reset the size in the event there is an invalid size. The patch resets the depth to a proper size before throwing an exception. The memory leak can be triggered by a crafted input file that is processed by ImageMagick and could cause an impact to application reliability, such as denial of service. This flaw affects ImageMagick versions prior to 7.0.9-0.
- References
Affected packages
Ubuntu:Pro:14.04:LTS / imagemagick
Package
- Name
- imagemagick
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
8:6.*
8:6.7.7.10-5ubuntu3
8:6.7.7.10-5ubuntu4
8:6.7.7.10-6ubuntu1
8:6.7.7.10-6ubuntu2
8:6.7.7.10-6ubuntu3
8:6.7.7.10-6ubuntu3.1
8:6.7.7.10-6ubuntu3.2
8:6.7.7.10-6ubuntu3.3
8:6.7.7.10-6ubuntu3.4
8:6.7.7.10-6ubuntu3.5
8:6.7.7.10-6ubuntu3.6
8:6.7.7.10-6ubuntu3.7
8:6.7.7.10-6ubuntu3.8
8:6.7.7.10-6ubuntu3.9
8:6.7.7.10-6ubuntu3.11
8:6.7.7.10-6ubuntu3.12
8:6.7.7.10-6ubuntu3.13
8:6.7.7.10-6ubuntu3.13+esm1
8:6.7.7.10-6ubuntu3.13+esm2
8:6.7.7.10-6ubuntu3.13+esm3
8:6.7.7.10-6ubuntu3.13+esm4
8:6.7.7.10-6ubuntu3.13+esm5
8:6.7.7.10-6ubuntu3.13+esm6
8:6.7.7.10-6ubuntu3.13+esm7
8:6.7.7.10-6ubuntu3.13+esm8
Ubuntu:Pro:16.04:LTS / imagemagick
Package
- Name
- imagemagick
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
8:6.*
8:6.8.9.9-5ubuntu2
8:6.8.9.9-6
8:6.8.9.9-6build1
8:6.8.9.9-7
8:6.8.9.9-7ubuntu1
8:6.8.9.9-7ubuntu2
8:6.8.9.9-7ubuntu3
8:6.8.9.9-7ubuntu4
8:6.8.9.9-7ubuntu5
8:6.8.9.9-7ubuntu5.1
8:6.8.9.9-7ubuntu5.2
8:6.8.9.9-7ubuntu5.3
8:6.8.9.9-7ubuntu5.4
8:6.8.9.9-7ubuntu5.5
8:6.8.9.9-7ubuntu5.6
8:6.8.9.9-7ubuntu5.7
8:6.8.9.9-7ubuntu5.8
8:6.8.9.9-7ubuntu5.9
8:6.8.9.9-7ubuntu5.11
8:6.8.9.9-7ubuntu5.12
8:6.8.9.9-7ubuntu5.13
8:6.8.9.9-7ubuntu5.14
8:6.8.9.9-7ubuntu5.15
8:6.8.9.9-7ubuntu5.16
8:6.8.9.9-7ubuntu5.16+esm1
8:6.8.9.9-7ubuntu5.16+esm2
8:6.8.9.9-7ubuntu5.16+esm3
8:6.8.9.9-7ubuntu5.16+esm4
8:6.8.9.9-7ubuntu5.16+esm5
8:6.8.9.9-7ubuntu5.16+esm6
8:6.8.9.9-7ubuntu5.16+esm7
8:6.8.9.9-7ubuntu5.16+esm8
8:6.8.9.9-7ubuntu5.16+esm9
8:6.8.9.9-7ubuntu5.16+esm10
Ubuntu:18.04:LTS / imagemagick
Package
- Name
- imagemagick
- Purl
- pkg:deb/ubuntu/imagemagick@8:6.9.7.4+dfsg-16ubuntu6.11?arch=src?distro=bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed8:6.9.7.4+dfsg-16ubuntu6.11
Affected versions
8:6.*
8:6.9.7.4+dfsg-16ubuntu2
8:6.9.7.4+dfsg-16ubuntu3
8:6.9.7.4+dfsg-16ubuntu4
8:6.9.7.4+dfsg-16ubuntu5
8:6.9.7.4+dfsg-16ubuntu6
8:6.9.7.4+dfsg-16ubuntu6.2
8:6.9.7.4+dfsg-16ubuntu6.3
8:6.9.7.4+dfsg-16ubuntu6.4
8:6.9.7.4+dfsg-16ubuntu6.7
8:6.9.7.4+dfsg-16ubuntu6.8
8:6.9.7.4+dfsg-16ubuntu6.9
Ecosystem specific
{
"availability": "No subscription required",
"ubuntu_priority": "low",
"binaries": [
{
"imagemagick-common": "8:6.9.7.4+dfsg-16ubuntu6.11",
"libmagickcore-6.q16hdri-3": "8:6.9.7.4+dfsg-16ubuntu6.11",
"libimage-magick-q16-perl": "8:6.9.7.4+dfsg-16ubuntu6.11",
"libmagick++-6.q16hdri-7-dbgsym": "8:6.9.7.4+dfsg-16ubuntu6.11",
"libimage-magick-q16hdri-perl": "8:6.9.7.4+dfsg-16ubuntu6.11",
"libmagick++-6.q16-7-dbgsym": "8:6.9.7.4+dfsg-16ubuntu6.11",
"libmagick++-dev": "8:6.9.7.4+dfsg-16ubuntu6.11",
"imagemagick-6-common": "8:6.9.7.4+dfsg-16ubuntu6.11",
"imagemagick-6.q16hdri-dbgsym": "8:6.9.7.4+dfsg-16ubuntu6.11",
"libimage-magick-perl": "8:6.9.7.4+dfsg-16ubuntu6.11",
"libmagickwand-6.q16-3-dbgsym": "8:6.9.7.4+dfsg-16ubuntu6.11",
"libmagick++-6.q16hdri-dev": "8:6.9.7.4+dfsg-16ubuntu6.11",
"imagemagick-6.q16-dbgsym": "8:6.9.7.4+dfsg-16ubuntu6.11",
"libmagickwand-dev": "8:6.9.7.4+dfsg-16ubuntu6.11",
"imagemagick-6-doc": "8:6.9.7.4+dfsg-16ubuntu6.11",
"libmagickcore-6.q16-dev": "8:6.9.7.4+dfsg-16ubuntu6.11",
"libmagickwand-6.q16-dev": "8:6.9.7.4+dfsg-16ubuntu6.11",
"libmagickcore-6.q16-3": "8:6.9.7.4+dfsg-16ubuntu6.11",
"libmagickcore-6.q16-3-extra-dbgsym": "8:6.9.7.4+dfsg-16ubuntu6.11",
"libmagickwand-6.q16-3": "8:6.9.7.4+dfsg-16ubuntu6.11",
"libmagickcore-6.q16hdri-3-extra-dbgsym": "8:6.9.7.4+dfsg-16ubuntu6.11",
"perlmagick": "8:6.9.7.4+dfsg-16ubuntu6.11",
"libimage-magick-q16-perl-dbgsym": "8:6.9.7.4+dfsg-16ubuntu6.11",
"libmagickcore-6.q16hdri-dev": "8:6.9.7.4+dfsg-16ubuntu6.11",
"libmagickwand-6-headers": "8:6.9.7.4+dfsg-16ubuntu6.11",
"libmagick++-6.q16hdri-7": "8:6.9.7.4+dfsg-16ubuntu6.11",
"libmagick++-6-headers": "8:6.9.7.4+dfsg-16ubuntu6.11",
"libmagickcore-6.q16hdri-3-dbgsym": "8:6.9.7.4+dfsg-16ubuntu6.11",
"libmagick++-6.q16-7": "8:6.9.7.4+dfsg-16ubuntu6.11",
"libmagickwand-6.q16hdri-dev": "8:6.9.7.4+dfsg-16ubuntu6.11",
"libmagickcore-6-headers": "8:6.9.7.4+dfsg-16ubuntu6.11",
"libmagickcore-6.q16hdri-3-extra": "8:6.9.7.4+dfsg-16ubuntu6.11",
"imagemagick-doc": "8:6.9.7.4+dfsg-16ubuntu6.11",
"libmagickwand-6.q16hdri-3": "8:6.9.7.4+dfsg-16ubuntu6.11",
"imagemagick": "8:6.9.7.4+dfsg-16ubuntu6.11",
"libmagickcore-6-arch-config": "8:6.9.7.4+dfsg-16ubuntu6.11",
"imagemagick-6.q16": "8:6.9.7.4+dfsg-16ubuntu6.11",
"libmagickcore-6.q16-3-dbgsym": "8:6.9.7.4+dfsg-16ubuntu6.11",
"libmagickcore-6.q16-3-extra": "8:6.9.7.4+dfsg-16ubuntu6.11",
"libmagick++-6.q16-dev": "8:6.9.7.4+dfsg-16ubuntu6.11",
"libmagickwand-6.q16hdri-3-dbgsym": "8:6.9.7.4+dfsg-16ubuntu6.11",
"imagemagick-6.q16hdri": "8:6.9.7.4+dfsg-16ubuntu6.11",
"libimage-magick-q16hdri-perl-dbgsym": "8:6.9.7.4+dfsg-16ubuntu6.11",
"libmagickcore-dev": "8:6.9.7.4+dfsg-16ubuntu6.11"
}
]
}
Ubuntu:20.04:LTS / imagemagick
Package
- Name
- imagemagick
- Purl
- pkg:deb/ubuntu/imagemagick@8:6.9.10.23+dfsg-2.1ubuntu11.4?arch=src?distro=focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed8:6.9.10.23+dfsg-2.1ubuntu11.4
Affected versions
8:6.*
8:6.9.10.23+dfsg-2.1ubuntu3
8:6.9.10.23+dfsg-2.1ubuntu8
8:6.9.10.23+dfsg-2.1ubuntu9
8:6.9.10.23+dfsg-2.1ubuntu10
8:6.9.10.23+dfsg-2.1ubuntu11
8:6.9.10.23+dfsg-2.1ubuntu11.1
8:6.9.10.23+dfsg-2.1ubuntu11.2
Ecosystem specific
{
"availability": "No subscription required",
"ubuntu_priority": "low",
"binaries": [
{
"imagemagick-common": "8:6.9.10.23+dfsg-2.1ubuntu11.4",
"libimage-magick-q16-perl": "8:6.9.10.23+dfsg-2.1ubuntu11.4",
"libmagickcore-6.q16hdri-6-extra-dbgsym": "8:6.9.10.23+dfsg-2.1ubuntu11.4",
"libimage-magick-q16hdri-perl": "8:6.9.10.23+dfsg-2.1ubuntu11.4",
"libmagick++-6.q16-8-dbgsym": "8:6.9.10.23+dfsg-2.1ubuntu11.4",
"libmagick++-dev": "8:6.9.10.23+dfsg-2.1ubuntu11.4",
"imagemagick-6-common": "8:6.9.10.23+dfsg-2.1ubuntu11.4",
"imagemagick-6.q16hdri-dbgsym": "8:6.9.10.23+dfsg-2.1ubuntu11.4",
"libimage-magick-perl": "8:6.9.10.23+dfsg-2.1ubuntu11.4",
"libmagickwand-6.q16hdri-6": "8:6.9.10.23+dfsg-2.1ubuntu11.4",
"libmagick++-6.q16hdri-dev": "8:6.9.10.23+dfsg-2.1ubuntu11.4",
"imagemagick-6.q16-dbgsym": "8:6.9.10.23+dfsg-2.1ubuntu11.4",
"libmagickwand-6.q16-6-dbgsym": "8:6.9.10.23+dfsg-2.1ubuntu11.4",
"libmagickcore-6.q16-6-extra-dbgsym": "8:6.9.10.23+dfsg-2.1ubuntu11.4",
"libmagickcore-6.q16-dev": "8:6.9.10.23+dfsg-2.1ubuntu11.4",
"libmagickwand-dev": "8:6.9.10.23+dfsg-2.1ubuntu11.4",
"imagemagick-6-doc": "8:6.9.10.23+dfsg-2.1ubuntu11.4",
"libmagickwand-6.q16-dev": "8:6.9.10.23+dfsg-2.1ubuntu11.4",
"perlmagick": "8:6.9.10.23+dfsg-2.1ubuntu11.4",
"libmagick++-6.q16hdri-8-dbgsym": "8:6.9.10.23+dfsg-2.1ubuntu11.4",
"libimage-magick-q16-perl-dbgsym": "8:6.9.10.23+dfsg-2.1ubuntu11.4",
"libmagickcore-6.q16hdri-dev": "8:6.9.10.23+dfsg-2.1ubuntu11.4",
"libmagickwand-6-headers": "8:6.9.10.23+dfsg-2.1ubuntu11.4",
"libmagickcore-6.q16-6": "8:6.9.10.23+dfsg-2.1ubuntu11.4",
"libmagick++-6-headers": "8:6.9.10.23+dfsg-2.1ubuntu11.4",
"libmagickcore-6-headers": "8:6.9.10.23+dfsg-2.1ubuntu11.4",
"libmagickwand-6.q16hdri-dev": "8:6.9.10.23+dfsg-2.1ubuntu11.4",
"libmagickwand-6.q16hdri-6-dbgsym": "8:6.9.10.23+dfsg-2.1ubuntu11.4",
"libmagickcore-6.q16hdri-6-extra": "8:6.9.10.23+dfsg-2.1ubuntu11.4",
"libmagickcore-6.q16hdri-6": "8:6.9.10.23+dfsg-2.1ubuntu11.4",
"imagemagick-doc": "8:6.9.10.23+dfsg-2.1ubuntu11.4",
"libmagickcore-6.q16-6-extra": "8:6.9.10.23+dfsg-2.1ubuntu11.4",
"libmagick++-6.q16-8": "8:6.9.10.23+dfsg-2.1ubuntu11.4",
"imagemagick": "8:6.9.10.23+dfsg-2.1ubuntu11.4",
"libmagick++-6.q16hdri-8": "8:6.9.10.23+dfsg-2.1ubuntu11.4",
"libmagickcore-6-arch-config": "8:6.9.10.23+dfsg-2.1ubuntu11.4",
"imagemagick-6.q16": "8:6.9.10.23+dfsg-2.1ubuntu11.4",
"libmagick++-6.q16-dev": "8:6.9.10.23+dfsg-2.1ubuntu11.4",
"libmagickwand-6.q16-6": "8:6.9.10.23+dfsg-2.1ubuntu11.4",
"imagemagick-6.q16hdri": "8:6.9.10.23+dfsg-2.1ubuntu11.4",
"libmagickcore-6.q16hdri-6-dbgsym": "8:6.9.10.23+dfsg-2.1ubuntu11.4",
"libmagickcore-6.q16-6-dbgsym": "8:6.9.10.23+dfsg-2.1ubuntu11.4",
"libimage-magick-q16hdri-perl-dbgsym": "8:6.9.10.23+dfsg-2.1ubuntu11.4",
"libmagickcore-dev": "8:6.9.10.23+dfsg-2.1ubuntu11.4"
}
]
}
Ubuntu:22.04:LTS / imagemagick
Package
- Name
- imagemagick
- Purl
- pkg:deb/ubuntu/imagemagick@8:6.9.11.60+dfsg-1ubuntu1?arch=src?distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed8:6.9.11.60+dfsg-1ubuntu1
Ecosystem specific
{
"availability": "No subscription required",
"ubuntu_priority": "low",
"binaries": [
{
"imagemagick-common": "8:6.9.11.60+dfsg-1ubuntu1",
"libimage-magick-q16-perl": "8:6.9.11.60+dfsg-1ubuntu1",
"libmagickcore-6.q16hdri-6-extra-dbgsym": "8:6.9.11.60+dfsg-1ubuntu1",
"libimage-magick-q16hdri-perl": "8:6.9.11.60+dfsg-1ubuntu1",
"libmagick++-6.q16-8-dbgsym": "8:6.9.11.60+dfsg-1ubuntu1",
"libmagick++-dev": "8:6.9.11.60+dfsg-1ubuntu1",
"imagemagick-6-common": "8:6.9.11.60+dfsg-1ubuntu1",
"imagemagick-6.q16hdri-dbgsym": "8:6.9.11.60+dfsg-1ubuntu1",
"libimage-magick-perl": "8:6.9.11.60+dfsg-1ubuntu1",
"libmagickwand-6.q16hdri-6": "8:6.9.11.60+dfsg-1ubuntu1",
"libmagick++-6.q16hdri-dev": "8:6.9.11.60+dfsg-1ubuntu1",
"imagemagick-6.q16-dbgsym": "8:6.9.11.60+dfsg-1ubuntu1",
"libmagickwand-6.q16-6-dbgsym": "8:6.9.11.60+dfsg-1ubuntu1",
"libmagickcore-6.q16-6-extra-dbgsym": "8:6.9.11.60+dfsg-1ubuntu1",
"libmagickcore-6.q16-dev": "8:6.9.11.60+dfsg-1ubuntu1",
"libmagickwand-dev": "8:6.9.11.60+dfsg-1ubuntu1",
"imagemagick-6-doc": "8:6.9.11.60+dfsg-1ubuntu1",
"libmagickwand-6.q16-dev": "8:6.9.11.60+dfsg-1ubuntu1",
"perlmagick": "8:6.9.11.60+dfsg-1ubuntu1",
"libmagick++-6.q16hdri-8-dbgsym": "8:6.9.11.60+dfsg-1ubuntu1",
"libimage-magick-q16-perl-dbgsym": "8:6.9.11.60+dfsg-1ubuntu1",
"libmagickcore-6.q16hdri-dev": "8:6.9.11.60+dfsg-1ubuntu1",
"libmagickwand-6-headers": "8:6.9.11.60+dfsg-1ubuntu1",
"libmagickcore-6.q16-6": "8:6.9.11.60+dfsg-1ubuntu1",
"libmagick++-6-headers": "8:6.9.11.60+dfsg-1ubuntu1",
"libmagickcore-6-headers": "8:6.9.11.60+dfsg-1ubuntu1",
"libmagickwand-6.q16hdri-dev": "8:6.9.11.60+dfsg-1ubuntu1",
"libmagickwand-6.q16hdri-6-dbgsym": "8:6.9.11.60+dfsg-1ubuntu1",
"libmagickcore-6.q16hdri-6-extra": "8:6.9.11.60+dfsg-1ubuntu1",
"libmagickcore-6.q16hdri-6": "8:6.9.11.60+dfsg-1ubuntu1",
"imagemagick-doc": "8:6.9.11.60+dfsg-1ubuntu1",
"libmagickcore-6.q16-6-extra": "8:6.9.11.60+dfsg-1ubuntu1",
"libmagick++-6.q16-8": "8:6.9.11.60+dfsg-1ubuntu1",
"imagemagick": "8:6.9.11.60+dfsg-1ubuntu1",
"libmagick++-6.q16hdri-8": "8:6.9.11.60+dfsg-1ubuntu1",
"libmagickcore-6-arch-config": "8:6.9.11.60+dfsg-1ubuntu1",
"imagemagick-6.q16": "8:6.9.11.60+dfsg-1ubuntu1",
"libmagick++-6.q16-dev": "8:6.9.11.60+dfsg-1ubuntu1",
"libmagickwand-6.q16-6": "8:6.9.11.60+dfsg-1ubuntu1",
"imagemagick-6.q16hdri": "8:6.9.11.60+dfsg-1ubuntu1",
"libmagickcore-6.q16hdri-6-dbgsym": "8:6.9.11.60+dfsg-1ubuntu1",
"libmagickcore-6.q16-6-dbgsym": "8:6.9.11.60+dfsg-1ubuntu1",
"libimage-magick-q16hdri-perl-dbgsym": "8:6.9.11.60+dfsg-1ubuntu1",
"libmagickcore-dev": "8:6.9.11.60+dfsg-1ubuntu1"
}
]
}