A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. This flaw allows a remote attacker to pass a specially crafted SVG file that leads to a segmentation fault, generating many trash files in "/tmp," resulting in a denial of service. When ImageMagick crashes, it generates a lot of trash files. These trash files can be large if the SVG file contains many render actions. In a denial of service attack, if a remote attacker uploads an SVG file of size t, ImageMagick generates files of size 103*t. If an attacker uploads a 100M SVG, the server will generate about 10G.
{ "availability": "No subscription required", "binaries": [ { "binary_name": "imagemagick", "binary_version": "8:6.9.10.23+dfsg-2.1ubuntu11.10" }, { "binary_name": "imagemagick-6-common", "binary_version": "8:6.9.10.23+dfsg-2.1ubuntu11.10" }, { "binary_name": "imagemagick-6-doc", "binary_version": "8:6.9.10.23+dfsg-2.1ubuntu11.10" }, { "binary_name": "imagemagick-6.q16", "binary_version": "8:6.9.10.23+dfsg-2.1ubuntu11.10" }, { "binary_name": "imagemagick-6.q16-dbgsym", "binary_version": "8:6.9.10.23+dfsg-2.1ubuntu11.10" }, { "binary_name": "imagemagick-6.q16hdri", "binary_version": "8:6.9.10.23+dfsg-2.1ubuntu11.10" }, { "binary_name": "imagemagick-6.q16hdri-dbgsym", "binary_version": "8:6.9.10.23+dfsg-2.1ubuntu11.10" }, { "binary_name": "imagemagick-common", "binary_version": "8:6.9.10.23+dfsg-2.1ubuntu11.10" }, { "binary_name": "imagemagick-doc", "binary_version": "8:6.9.10.23+dfsg-2.1ubuntu11.10" }, { "binary_name": "libimage-magick-perl", "binary_version": "8:6.9.10.23+dfsg-2.1ubuntu11.10" }, { "binary_name": "libimage-magick-q16-perl", "binary_version": "8:6.9.10.23+dfsg-2.1ubuntu11.10" }, { "binary_name": "libimage-magick-q16-perl-dbgsym", "binary_version": "8:6.9.10.23+dfsg-2.1ubuntu11.10" }, { "binary_name": "libimage-magick-q16hdri-perl", "binary_version": "8:6.9.10.23+dfsg-2.1ubuntu11.10" }, { "binary_name": "libimage-magick-q16hdri-perl-dbgsym", "binary_version": "8:6.9.10.23+dfsg-2.1ubuntu11.10" }, { "binary_name": "libmagick++-6-headers", "binary_version": "8:6.9.10.23+dfsg-2.1ubuntu11.10" }, { "binary_name": "libmagick++-6.q16-8", "binary_version": "8:6.9.10.23+dfsg-2.1ubuntu11.10" }, { "binary_name": "libmagick++-6.q16-8-dbgsym", "binary_version": "8:6.9.10.23+dfsg-2.1ubuntu11.10" }, { "binary_name": "libmagick++-6.q16-dev", "binary_version": "8:6.9.10.23+dfsg-2.1ubuntu11.10" }, { "binary_name": "libmagick++-6.q16hdri-8", "binary_version": "8:6.9.10.23+dfsg-2.1ubuntu11.10" }, { "binary_name": "libmagick++-6.q16hdri-8-dbgsym", "binary_version": "8:6.9.10.23+dfsg-2.1ubuntu11.10" }, { "binary_name": "libmagick++-6.q16hdri-dev", "binary_version": "8:6.9.10.23+dfsg-2.1ubuntu11.10" }, { "binary_name": "libmagick++-dev", "binary_version": "8:6.9.10.23+dfsg-2.1ubuntu11.10" }, { "binary_name": "libmagickcore-6-arch-config", "binary_version": "8:6.9.10.23+dfsg-2.1ubuntu11.10" }, { "binary_name": "libmagickcore-6-headers", "binary_version": "8:6.9.10.23+dfsg-2.1ubuntu11.10" }, { "binary_name": "libmagickcore-6.q16-6", "binary_version": "8:6.9.10.23+dfsg-2.1ubuntu11.10" }, { "binary_name": "libmagickcore-6.q16-6-dbgsym", "binary_version": "8:6.9.10.23+dfsg-2.1ubuntu11.10" }, { "binary_name": "libmagickcore-6.q16-6-extra", "binary_version": "8:6.9.10.23+dfsg-2.1ubuntu11.10" }, { "binary_name": "libmagickcore-6.q16-6-extra-dbgsym", "binary_version": "8:6.9.10.23+dfsg-2.1ubuntu11.10" }, { "binary_name": "libmagickcore-6.q16-dev", "binary_version": "8:6.9.10.23+dfsg-2.1ubuntu11.10" }, { "binary_name": "libmagickcore-6.q16hdri-6", "binary_version": "8:6.9.10.23+dfsg-2.1ubuntu11.10" }, { "binary_name": "libmagickcore-6.q16hdri-6-dbgsym", "binary_version": "8:6.9.10.23+dfsg-2.1ubuntu11.10" }, { "binary_name": "libmagickcore-6.q16hdri-6-extra", "binary_version": "8:6.9.10.23+dfsg-2.1ubuntu11.10" }, { "binary_name": "libmagickcore-6.q16hdri-6-extra-dbgsym", "binary_version": "8:6.9.10.23+dfsg-2.1ubuntu11.10" }, { "binary_name": "libmagickcore-6.q16hdri-dev", "binary_version": "8:6.9.10.23+dfsg-2.1ubuntu11.10" }, { "binary_name": "libmagickcore-dev", "binary_version": "8:6.9.10.23+dfsg-2.1ubuntu11.10" }, { "binary_name": "libmagickwand-6-headers", "binary_version": "8:6.9.10.23+dfsg-2.1ubuntu11.10" }, { "binary_name": "libmagickwand-6.q16-6", "binary_version": "8:6.9.10.23+dfsg-2.1ubuntu11.10" }, { "binary_name": "libmagickwand-6.q16-6-dbgsym", "binary_version": "8:6.9.10.23+dfsg-2.1ubuntu11.10" }, { "binary_name": "libmagickwand-6.q16-dev", "binary_version": "8:6.9.10.23+dfsg-2.1ubuntu11.10" }, { "binary_name": "libmagickwand-6.q16hdri-6", "binary_version": "8:6.9.10.23+dfsg-2.1ubuntu11.10" }, { "binary_name": "libmagickwand-6.q16hdri-6-dbgsym", "binary_version": "8:6.9.10.23+dfsg-2.1ubuntu11.10" }, { "binary_name": "libmagickwand-6.q16hdri-dev", "binary_version": "8:6.9.10.23+dfsg-2.1ubuntu11.10" }, { "binary_name": "libmagickwand-dev", "binary_version": "8:6.9.10.23+dfsg-2.1ubuntu11.10" }, { "binary_name": "perlmagick", "binary_version": "8:6.9.10.23+dfsg-2.1ubuntu11.10" } ] }
{ "availability": "No subscription required", "binaries": [ { "binary_name": "imagemagick", "binary_version": "8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5" }, { "binary_name": "imagemagick-6-common", "binary_version": "8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5" }, { "binary_name": "imagemagick-6-doc", "binary_version": "8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5" }, { "binary_name": "imagemagick-6.q16", "binary_version": "8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5" }, { "binary_name": "imagemagick-6.q16-dbgsym", "binary_version": "8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5" }, { "binary_name": "imagemagick-6.q16hdri", "binary_version": "8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5" }, { "binary_name": "imagemagick-6.q16hdri-dbgsym", "binary_version": "8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5" }, { "binary_name": "imagemagick-common", "binary_version": "8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5" }, { "binary_name": "imagemagick-doc", "binary_version": "8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5" }, { "binary_name": "libimage-magick-perl", "binary_version": "8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5" }, { "binary_name": "libimage-magick-q16-perl", "binary_version": "8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5" }, { "binary_name": "libimage-magick-q16-perl-dbgsym", "binary_version": "8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5" }, { "binary_name": "libimage-magick-q16hdri-perl", "binary_version": "8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5" }, { "binary_name": "libimage-magick-q16hdri-perl-dbgsym", "binary_version": "8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5" }, { "binary_name": "libmagick++-6-headers", "binary_version": "8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5" }, { "binary_name": "libmagick++-6.q16-8", "binary_version": "8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5" }, { "binary_name": "libmagick++-6.q16-8-dbgsym", "binary_version": "8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5" }, { "binary_name": "libmagick++-6.q16-dev", "binary_version": "8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5" }, { "binary_name": "libmagick++-6.q16hdri-8", "binary_version": "8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5" }, { "binary_name": "libmagick++-6.q16hdri-8-dbgsym", "binary_version": "8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5" }, { "binary_name": "libmagick++-6.q16hdri-dev", "binary_version": "8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5" }, { "binary_name": "libmagick++-dev", "binary_version": "8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5" }, { "binary_name": "libmagickcore-6-arch-config", "binary_version": "8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5" }, { "binary_name": "libmagickcore-6-headers", "binary_version": "8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5" }, { "binary_name": "libmagickcore-6.q16-6", "binary_version": "8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5" }, { "binary_name": "libmagickcore-6.q16-6-dbgsym", "binary_version": "8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5" }, { "binary_name": "libmagickcore-6.q16-6-extra", "binary_version": "8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5" }, { "binary_name": "libmagickcore-6.q16-6-extra-dbgsym", "binary_version": "8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5" }, { "binary_name": "libmagickcore-6.q16-dev", "binary_version": "8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5" }, { "binary_name": "libmagickcore-6.q16hdri-6", "binary_version": "8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5" }, { "binary_name": "libmagickcore-6.q16hdri-6-dbgsym", "binary_version": "8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5" }, { "binary_name": "libmagickcore-6.q16hdri-6-extra", "binary_version": "8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5" }, { "binary_name": "libmagickcore-6.q16hdri-6-extra-dbgsym", "binary_version": "8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5" }, { "binary_name": "libmagickcore-6.q16hdri-dev", "binary_version": "8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5" }, { "binary_name": "libmagickcore-dev", "binary_version": "8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5" }, { "binary_name": "libmagickwand-6-headers", "binary_version": "8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5" }, { "binary_name": "libmagickwand-6.q16-6", "binary_version": "8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5" }, { "binary_name": "libmagickwand-6.q16-6-dbgsym", "binary_version": "8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5" }, { "binary_name": "libmagickwand-6.q16-dev", "binary_version": "8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5" }, { "binary_name": "libmagickwand-6.q16hdri-6", "binary_version": "8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5" }, { "binary_name": "libmagickwand-6.q16hdri-6-dbgsym", "binary_version": "8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5" }, { "binary_name": "libmagickwand-6.q16hdri-dev", "binary_version": "8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5" }, { "binary_name": "libmagickwand-dev", "binary_version": "8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5" }, { "binary_name": "perlmagick", "binary_version": "8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5" } ] }
{ "availability": "No subscription required", "binaries": [ { "binary_name": "imagemagick", "binary_version": "8:6.9.11.60+dfsg-1.6ubuntu1" }, { "binary_name": "imagemagick-6-common", "binary_version": "8:6.9.11.60+dfsg-1.6ubuntu1" }, { "binary_name": "imagemagick-6-doc", "binary_version": "8:6.9.11.60+dfsg-1.6ubuntu1" }, { "binary_name": "imagemagick-6.q16", "binary_version": "8:6.9.11.60+dfsg-1.6ubuntu1" }, { "binary_name": "imagemagick-6.q16-dbgsym", "binary_version": "8:6.9.11.60+dfsg-1.6ubuntu1" }, { "binary_name": "imagemagick-6.q16hdri", "binary_version": "8:6.9.11.60+dfsg-1.6ubuntu1" }, { "binary_name": "imagemagick-6.q16hdri-dbgsym", "binary_version": "8:6.9.11.60+dfsg-1.6ubuntu1" }, { "binary_name": "imagemagick-common", "binary_version": "8:6.9.11.60+dfsg-1.6ubuntu1" }, { "binary_name": "imagemagick-doc", "binary_version": "8:6.9.11.60+dfsg-1.6ubuntu1" }, { "binary_name": "libimage-magick-perl", "binary_version": "8:6.9.11.60+dfsg-1.6ubuntu1" }, { "binary_name": "libimage-magick-q16-perl", "binary_version": "8:6.9.11.60+dfsg-1.6ubuntu1" }, { "binary_name": "libimage-magick-q16-perl-dbgsym", "binary_version": "8:6.9.11.60+dfsg-1.6ubuntu1" }, { "binary_name": "libimage-magick-q16hdri-perl", "binary_version": "8:6.9.11.60+dfsg-1.6ubuntu1" }, { "binary_name": "libimage-magick-q16hdri-perl-dbgsym", "binary_version": "8:6.9.11.60+dfsg-1.6ubuntu1" }, { "binary_name": "libmagick++-6-headers", "binary_version": "8:6.9.11.60+dfsg-1.6ubuntu1" }, { "binary_name": "libmagick++-6.q16-8", "binary_version": "8:6.9.11.60+dfsg-1.6ubuntu1" }, { "binary_name": "libmagick++-6.q16-8-dbgsym", "binary_version": "8:6.9.11.60+dfsg-1.6ubuntu1" }, { "binary_name": "libmagick++-6.q16-dev", "binary_version": "8:6.9.11.60+dfsg-1.6ubuntu1" }, { "binary_name": "libmagick++-6.q16hdri-8", "binary_version": "8:6.9.11.60+dfsg-1.6ubuntu1" }, { "binary_name": "libmagick++-6.q16hdri-8-dbgsym", "binary_version": "8:6.9.11.60+dfsg-1.6ubuntu1" }, { "binary_name": "libmagick++-6.q16hdri-dev", "binary_version": "8:6.9.11.60+dfsg-1.6ubuntu1" }, { "binary_name": "libmagick++-dev", "binary_version": "8:6.9.11.60+dfsg-1.6ubuntu1" }, { "binary_name": "libmagickcore-6-arch-config", "binary_version": "8:6.9.11.60+dfsg-1.6ubuntu1" }, { "binary_name": "libmagickcore-6-headers", "binary_version": "8:6.9.11.60+dfsg-1.6ubuntu1" }, { "binary_name": "libmagickcore-6.q16-6", "binary_version": "8:6.9.11.60+dfsg-1.6ubuntu1" }, { "binary_name": "libmagickcore-6.q16-6-dbgsym", "binary_version": "8:6.9.11.60+dfsg-1.6ubuntu1" }, { "binary_name": "libmagickcore-6.q16-6-extra", "binary_version": "8:6.9.11.60+dfsg-1.6ubuntu1" }, { "binary_name": "libmagickcore-6.q16-6-extra-dbgsym", "binary_version": "8:6.9.11.60+dfsg-1.6ubuntu1" }, { "binary_name": "libmagickcore-6.q16-dev", "binary_version": "8:6.9.11.60+dfsg-1.6ubuntu1" }, { "binary_name": "libmagickcore-6.q16hdri-6", "binary_version": "8:6.9.11.60+dfsg-1.6ubuntu1" }, { "binary_name": "libmagickcore-6.q16hdri-6-dbgsym", "binary_version": "8:6.9.11.60+dfsg-1.6ubuntu1" }, { "binary_name": "libmagickcore-6.q16hdri-6-extra", "binary_version": "8:6.9.11.60+dfsg-1.6ubuntu1" }, { "binary_name": "libmagickcore-6.q16hdri-6-extra-dbgsym", "binary_version": "8:6.9.11.60+dfsg-1.6ubuntu1" }, { "binary_name": "libmagickcore-6.q16hdri-dev", "binary_version": "8:6.9.11.60+dfsg-1.6ubuntu1" }, { "binary_name": "libmagickcore-dev", "binary_version": "8:6.9.11.60+dfsg-1.6ubuntu1" }, { "binary_name": "libmagickwand-6-headers", "binary_version": "8:6.9.11.60+dfsg-1.6ubuntu1" }, { "binary_name": "libmagickwand-6.q16-6", "binary_version": "8:6.9.11.60+dfsg-1.6ubuntu1" }, { "binary_name": "libmagickwand-6.q16-6-dbgsym", "binary_version": "8:6.9.11.60+dfsg-1.6ubuntu1" }, { "binary_name": "libmagickwand-6.q16-dev", "binary_version": "8:6.9.11.60+dfsg-1.6ubuntu1" }, { "binary_name": "libmagickwand-6.q16hdri-6", "binary_version": "8:6.9.11.60+dfsg-1.6ubuntu1" }, { "binary_name": "libmagickwand-6.q16hdri-6-dbgsym", "binary_version": "8:6.9.11.60+dfsg-1.6ubuntu1" }, { "binary_name": "libmagickwand-6.q16hdri-dev", "binary_version": "8:6.9.11.60+dfsg-1.6ubuntu1" }, { "binary_name": "libmagickwand-dev", "binary_version": "8:6.9.11.60+dfsg-1.6ubuntu1" }, { "binary_name": "perlmagick", "binary_version": "8:6.9.11.60+dfsg-1.6ubuntu1" } ] }