First published: Mon Oct 02 2023(Updated: )
A heap use-after-free flaw was found in coders/bmp.c in ImageMagick.
Credit: secalert@redhat.com secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/ImageMagick | <7.1.2 | 7.1.2 |
All of | ||
ImageMagick ImageMagick | <7.1.2 | |
Any of | ||
Redhat Enterprise Linux | =6.0 | |
Redhat Enterprise Linux | =7.0 | |
Fedoraproject Extra Packages For Enterprise Linux | =8.0 | |
Fedoraproject Fedora | =38 | |
ubuntu/imagemagick | <8:6.9.7.4+dfsg-16ubuntu6.15+ | 8:6.9.7.4+dfsg-16ubuntu6.15+ |
ubuntu/imagemagick | <8:6.9.10.23+dfsg-2.1ubuntu11.9+ | 8:6.9.10.23+dfsg-2.1ubuntu11.9+ |
ubuntu/imagemagick | <8:6.9.11.60+dfsg-1.3ubuntu0.22.04.3+ | 8:6.9.11.60+dfsg-1.3ubuntu0.22.04.3+ |
ubuntu/imagemagick | <8:6.7.7.10-6ubuntu3.13+ | 8:6.7.7.10-6ubuntu3.13+ |
ubuntu/imagemagick | <7.1.1-36 | 7.1.1-36 |
ubuntu/imagemagick | <8:6.8.9.9-7ubuntu5.16+ | 8:6.8.9.9-7ubuntu5.16+ |
debian/imagemagick | 8:6.9.11.60+dfsg-1.3+deb11u4 8:6.9.11.60+dfsg-1.3+deb11u3 8:6.9.11.60+dfsg-1.6+deb12u2 8:6.9.11.60+dfsg-1.6+deb12u1 8:6.9.13.12+dfsg1-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2023-5341 is medium with a severity value of 6.2.
CVE-2023-5341 affects ImageMagick version 7.1.2 and earlier.
The vulnerability in coders/bmp.c is a heap use-after-free flaw.
To fix CVE-2023-5341 in ImageMagick, update to version 7.1.2 or later.
Red Hat Enterprise Linux 6.0 and 7.0 are not affected by CVE-2023-5341.