Canonical Ubuntu Linux vulnerabilities

CVE-2017-17885 [MEDIUM] CWE-772 CVE-2017-17885: In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadPICTImage in In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadPICTImage in coders/pict.c, which allows attackers to cause a denial of service via a crafted PICT image file.

CVE-2017-17914 [MEDIUM] CWE-834 CVE-2017-17914: In ImageMagick 7.0.7-16 Q16, a vulnerability was found in the function ReadOnePNGImage in coders/png In ImageMagick 7.0.7-16 Q16, a vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a denial of service (ReadOneMNGImage large loop) via a crafted mng image file.

CVE-2017-17934 [MEDIUM] CWE-772 CVE-2017-17934: ImageMagick 7.0.7-17 Q16 x86_64 has memory leaks in coders/msl.c, related to MSLPopImage and Process ImageMagick 7.0.7-17 Q16 x86_64 has memory leaks in coders/msl.c, related to MSLPopImage and ProcessMSLScript, and associated with mishandling of MSLPushImage calls.

CVE-2017-17818 [HIGH] CWE-125 CVE-2017-17818: In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer over-read that will cause a remote In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer over-read that will cause a remote denial of service attack, related to a while loop in paste_tokens in asm/preproc.c.

CVE-2017-17816 [MEDIUM] CWE-416 CVE-2017-17816: In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_getline in asm/preproc.c that w In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_getline in asm/preproc.c that will cause a remote denial of service attack.

CVE-2017-17813 [MEDIUM] CWE-416 CVE-2017-17813: In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in the pp_list_one_macro function in In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in the pp_list_one_macro function in asm/preproc.c that will cause a remote denial of service attack, related to mishandling of line-syntax errors.

CVE-2017-17814 [MEDIUM] CWE-416 CVE-2017-17814: In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in do_directive in asm/preproc.c that In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in do_directive in asm/preproc.c that will cause a remote denial of service attack.

CVE-2017-17820 [MEDIUM] CWE-416 CVE-2017-17820: In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_list_one_macro in asm/preproc.c In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_list_one_macro in asm/preproc.c that will lead to a remote denial of service attack, related to mishandling of operand-type errors.

CVE-2017-17811 [MEDIUM] CVE-2017-17811: In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer overflow that will cause a remote In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer overflow that will cause a remote denial of service attack, related to a strcpy in paste_tokens in asm/preproc.c, a similar issue to CVE-2017-11111.

CVE-2017-17815 [MEDIUM] CWE-754 CVE-2017-17815: In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in is_mmacro() in asm/prepro In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in is_mmacro() in asm/preproc.c that will cause a remote denial of service attack, because of a missing check for the relationship between minimum and maximum parameter counts.

CVE-2017-17812 [MEDIUM] CWE-125 CVE-2017-17812: In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer over-read in the function detoken( In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer over-read in the function detoken() in asm/preproc.c that will cause a remote denial of service attack.

CVE-2017-17817 [MEDIUM] CWE-416 CVE-2017-17817: In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_verror in asm/preproc.c that wi In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_verror in asm/preproc.c that will cause a remote denial of service attack.

CVE-2017-17819 [MEDIUM] CWE-476 CVE-2017-17819: In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in the function find_cc() in In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in the function find_cc() in asm/preproc.c that will cause a remote denial of service attack, because pointers associated with skip_white_ calls are not validated.

CVE-2017-17810 [MEDIUM] CWE-20 CVE-2017-17810: In Netwide Assembler (NASM) 2.14rc0, there is a "SEGV on unknown address" that will cause a remote d In Netwide Assembler (NASM) 2.14rc0, there is a "SEGV on unknown address" that will cause a remote denial of service attack, because asm/preproc.c mishandles macro calls that have the wrong number of arguments.

CVE-2017-17806 [HIGH] CWE-787 CVE-2017-17806: The HMAC implementation (crypto/hmac.c) in the Linux kernel before 4.14.8 does not validate that the The HMAC implementation (crypto/hmac.c) in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HASH) and the SHA-3 hash algorithm (CONFIG_CRYPTO_SHA3) to cause a kernel stack buffer overflow by executi

CVE-2017-17785 [HIGH] CWE-787 CVE-2017-17785: In GIMP 2.8.22, there is a heap-based buffer overflow in the fli_read_brun function in plug-ins/file In GIMP 2.8.22, there is a heap-based buffer overflow in the fli_read_brun function in plug-ins/file-fli/fli.c.

CVE-2017-17787 [HIGH] CWE-125 CVE-2017-17787: In GIMP 2.8.22, there is a heap-based buffer over-read in read_creator_block in plug-ins/common/file In GIMP 2.8.22, there is a heap-based buffer over-read in read_creator_block in plug-ins/common/file-psp.c.

CVE-2017-17786 [HIGH] CWE-125 CVE-2017-17786: In GIMP 2.8.22, there is a heap-based buffer over-read in ReadImage in plug-ins/common/file-tga.c (r In GIMP 2.8.22, there is a heap-based buffer over-read in ReadImage in plug-ins/common/file-tga.c (related to bgr2rgb.part.1) via an unexpected bits-per-pixel value for an RGBA image.

CVE-2017-17805 [HIGH] CWE-20 CVE-2017-17805: The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-le The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AF_ALG-based skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of service (uninitialized-memory free and kernel crash) or have unspecified other impact by executing a crafted seq

CVE-2017-17784 [HIGH] CWE-125 CVE-2017-17784: In GIMP 2.8.22, there is a heap-based buffer over-read in load_image in plug-ins/common/file-gbr.c i In GIMP 2.8.22, there is a heap-based buffer over-read in load_image in plug-ins/common/file-gbr.c in the gbr import parser, related to mishandling of UTF-8 data.