|
|
Subscribe / Log in / New account

GraphicsMagick: denial of service

Package(s):GraphicsMagick CVE #(s):CVE-2012-3438
Created:September 7, 2012 Updated:March 26, 2013
Description:

From the Red Hat advisory:

"As this function stands, it invisibly does the wrong thing for any request over 4GB. On big-endian architectures it very possibly will do the wrong thing even for requests less than that. So the reason why the hard-wired 4GB limit prevents a core dump is that it masks the ABI mismatch here."

So basically we have memory allocations problems that can probably lead to a denial of service.

Alerts:
openSUSE openSUSE-SU-2013:0536-1 GraphicsMagick 2013-03-26
Mandriva MDVSA-2012:165 graphicsmagick 2012-10-12
Mageia MGASA-2012-0267 graphicsmagick 2012-09-13
Fedora FEDORA-2012-12352 GraphicsMagick 2012-09-07
Fedora FEDORA-2012-12366 GraphicsMagick 2012-09-07
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds