oss-sec mailing list archives

Re: ImageMagick: CVE-2017-9098: use of uninitialized memory in RLE decoder


From: Ian Zimmerman <itz () primate net>
Date: Sat, 20 May 2017 08:26:36 -0700

On 2017-05-20 09:26, Salvatore Bonaccorso wrote:

> Chris Evans discovered that ImageMagick uses uninitialized memory in the
> RLE decoder, allowing an attacker to leak sensitive information from
> process memory space. There is missing initialization in the
> ReadRLEImage function.
>
> Original article at:
>
> https://scarybeastsecurity.blogspot.com/2017/05/bleed-continues-18-byte-file-14k-bounty.html

It was good to see the discussion of how GraphicsMagick was affected, or
not.  I would love to see that in all *Magick weakness reports.

-- 
Please *no* private Cc: on mailing lists and newsgroups
Personal signed mail: please _encrypt_ and sign
Don't clear-text sign:
http://primate.net/~itz/blog/the-problem-with-gpg-signatures.html
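
The bug class named in the quoted advisory (a decoder output buffer that is never initialised, so a short RLE stream leaves old memory in the image), shown as an added example that is not part of the thread and is neither ImageMagick's code nor its patch. The toy (count, value) RLE format, all function names, and the 0xAA fill that stands in for leftover heap contents are assumptions made for the illustration.

```c
#include <stdio.h>
#include <string.h>
typedef unsigned char u8;
#define STALE 0xAA /* constructed stand-in for leftover heap contents */

/* Toy RLE of (count, value) byte pairs; returns the pixels written. */
static size_t rle_decode(const u8 *in, size_t n, u8 *out, size_t len)
{
    size_t written = 0;
    for (size_t i = 0; i + 1 < n; i += 2) {
        size_t run = in[i], left = len - written;
        if (run > left) run = left; /* stay inside the canvas */
        memset(out + written, in[i + 1], run);
        written += run;
    }
    return written;
}

/* Flawed: canvas never initialised, short stream reported as success. */
static int decode_flawed(const u8 *in, size_t n, u8 *canvas, size_t len)
{
    (void)rle_decode(in, n, canvas, len);
    return 0;
}

/* Hardened: zero the canvas first, reject streams that do not fill it. */
static int decode_hardened(const u8 *in, size_t n, u8 *canvas, size_t len)
{
    memset(canvas, 0, len);
    return rle_decode(in, n, canvas, len) == len ? 0 : -1;
}

/* Decode into a 16-pixel canvas pre-filled with STALE; count survivors. */
static size_t stale_bytes(int hardened, int *status)
{
    const u8 stream[] = { 4, 0x11 }; /* constructed: covers 4 of 16 pixels */
    u8 canvas[16];
    size_t stale = 0;
    memset(canvas, STALE, sizeof canvas);
    *status = (hardened ? decode_hardened : decode_flawed)(
        stream, sizeof stream, canvas, sizeof canvas);
    for (size_t i = 0; i < sizeof canvas; i++)
        stale += (canvas[i] == STALE);
    return stale;
}

int main(void)
{
    int st;
    printf("flawed:   %zu stale bytes in output\n", stale_bytes(0, &st));
    printf("hardened: %zu stale bytes in output\n", stale_bytes(1, &st));
}
```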

