Canonical Ubuntu Linux vulnerabilities
4,102 known vulnerabilities affecting canonical/ubuntu_linux.
Total CVEs: 4,102
CISA KEV: 44 (actively exploited)
Public exploits: 271
Exploited in wild: 54
Severity breakdown: CRITICAL 545, HIGH 1396, MEDIUM 1945, LOW 216
Vulnerabilities
Page 118 of 206
CVE-2017-14533 | MEDIUM | CVSS 6.5 | CWE-772 | v14.04, v16.04, +2 more | 2017-09-18
ImageMagick 7.0.6-6 has a memory leak in ReadMATImage in coders/mat.c.
nvd
CVE-2017-14325 | MEDIUM | CVSS 6.5 | CWE-772 | v14.04, v16.04, +2 more | 2017-09-12
In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function PersistPixelCache in magick/cache.c, which allows attackers to cause a denial of service (memory consumption in ReadMPCImage in coders/mpc.c) via a crafted file.
nvd
CVE-2017-14342 | MEDIUM | CVSS 6.5 | CWE-400 | v14.04, v16.04, +2 more | 2017-09-12
ImageMagick 7.0.6-6 has a memory exhaustion vulnerability in ReadWPGImage in coders/wpg.c via a crafted wpg image file.
nvd
CVE-2017-14341 | MEDIUM | CVSS 6.5 | CWE-400 | v14.04, v16.04, +2 more | 2017-09-12
ImageMagick 7.0.6-6 has a large loop vulnerability in ReadWPGImage in coders/wpg.c, causing CPU exhaustion via a crafted wpg image file.
nvd
CVE-2017-14326 | MEDIUM | CVSS 6.5 | CWE-772 | v14.04, v16.04, +2 more | 2017-09-12
In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted file.
nvd
CVE-2017-14343 | MEDIUM | CVSS 6.5 | CWE-772 | v14.04, v16.04, +2 more | 2017-09-12
ImageMagick 7.0.6-6 has a memory leak vulnerability in ReadXCFImage in coders/xcf.c via a crafted xcf image file.
nvd
CVE-2017-14228 | MEDIUM | CVSS 5.5 | CWE-476 | v14.04 | 2017-09-09
In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in the function paste_tokens() in preproc.c, aka a NULL pointer dereference. It will lead to remote denial of service.
nvd
CVE-2017-6362 | HIGH | CVSS 7.5 | CWE-415 | v16.04 | 2017-09-07
Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors.
nvd
CVE-2017-14173 | MEDIUM | CVSS 6.5 | CWE-190 | v14.04, v16.04, +2 more | 2017-09-07
In the function ReadTXTImage() in coders/txt.c in ImageMagick 7.0.6-10, an integer overflow might occur for the addition operation "GetQuantumRange(depth)+1" when "depth" is large, producing a smaller value than expected. As a result, an infinite loop would occur for a crafted TXT file that claims a very large "max_value" value.
nvd
CVE-2017-14172 | MEDIUM | CVSS 6.5 | CWE-834 | v14.04, v16.04, +2 more | 2017-09-07
In coders/ps.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large "extent" field in the header but does not contain sufficient backing data, is provided, the loop over "length" would consume huge CPU resources, since there is no
nvd
CVE-2017-14175 | MEDIUM | CVSS 6.5 | CWE-834 | v14.04, v16.04, +2 more | 2017-09-07
In coders/xbm.c in ImageMagick 7.0.6-1 Q16, a DoS in ReadXBMImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted XBM file, which claims large rows and columns fields in the header but does not contain sufficient backing data, is provided, the loop over the rows would consume huge CPU resources, since the
nvd
CVE-2017-14174 | MEDIUM | CVSS 6.5 | CWE-834 | v14.04, v16.04, +2 more | 2017-09-07
In coders/psd.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSDLayersInternal() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large "length" field in the header but does not contain sufficient backing data, is provided, the loop over "length" would consume huge CPU resources, since t
nvd
CVE-2017-14166 | MEDIUM | CVSS 6.5 | CWE-125 | v14.04, v16.04 | 2017-09-06
libarchive 3.3.2 allows remote attackers to cause a denial of service (xml_data heap-based buffer over-read and application crash) via a crafted xar archive, related to the mishandling of empty strings in the atol8 function in archive_read_support_format_xar.c.
nvd
CVE-2017-12692 | MEDIUM | CVSS 6.5 | CWE-770 | v14.04, v16.04, +2 more | 2017-09-01
The ReadVIFFImage function in coders/viff.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted VIFF file.
nvd
CVE-2017-12691 | MEDIUM | CVSS 6.5 | CWE-770 | v14.04, v16.04, +2 more | 2017-09-01
The ReadOneLayer function in coders/xcf.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.
nvd
CVE-2017-12693 | MEDIUM | CVSS 6.5 | CWE-770 | v14.04, v16.04, +2 more | 2017-09-01
The ReadBMPImage function in coders/bmp.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted BMP file.
nvd
CVE-2017-14064 | CRITICAL | CVSS 9.8 | CWE-119 | v14.04, v16.04, +1 more | 2017-08-31
Ruby through 2.2.7, 2.3.x through 2.3.4, and 2.4.x through 2.4.1 can expose arbitrary memory during a JSON.generate call. The issue lies in using strdup in ext/json/ext/generator/generator.c, which will stop after encountering a '\0' byte, returning a pointer to a string of length zero, which is not the length stored in space_len.
nvd
CVE-2017-0902 | HIGH | CVSS 8.1 | CWE-350 | v14.04, v16.04, +1 more | 2017-08-31
RubyGems version 2.6.12 and earlier is vulnerable to a DNS hijacking vulnerability that allows a MITM attacker to force the RubyGems client to download and install gems from a server that the attacker controls.
nvd
CVE-2017-0901 | HIGH | CVSS 7.5 | PoC | CWE-22 | v14.04, v16.04, +1 more | 2017-08-31
RubyGems version 2.6.12 and earlier fails to validate specification names, allowing a maliciously crafted gem to potentially overwrite any file on the filesystem.
nvd
CVE-2017-14060 | MEDIUM | CVSS 6.5 | CWE-476 | v14.04, v16.04, +2 more | 2017-08-31
In ImageMagick 7.0.6-10, a NULL Pointer Dereference issue is present in the ReadCUTImage function in coders/cut.c that could allow an attacker to cause a Denial of Service (in the QueueAuthenticPixelCacheNexus function within the MagickCore/cache.c file) by submitting a malformed image file.
nvd