First published: Wed Jul 26 2017(Updated: )
GraphicsMagick 1.3.26 has a Memory Leak in the PersistCache function in magick/pixel_cache.c during writing of Magick Persistent Cache (MPC) files.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Graphicsmagick Graphicsmagick | =1.3.26 | |
debian/graphicsmagick | 1.4+really1.3.36+hg16481-2+deb11u1 1.4+really1.3.40-4 1.4+really1.3.45-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2017-11641.
The severity of CVE-2017-11641 is critical with a severity value of 9.8.
GraphicsMagick version 1.3.26 is affected by CVE-2017-11641.
Upgrade to GraphicsMagick version 1.4+really1.3.35-1~deb10u2 or higher, or 1.3.18-1ubuntu3.1+ or higher.
You can find more information about CVE-2017-11641 in the references: http://hg.code.sf.net/p/graphicsmagick/code/rev/db732abd9318, https://security-tracker.debian.org/tracker/CVE-2017-11641, and https://lists.debian.org/debian-lts-announce/2018/08/msg00002.html.