First published: Fri Mar 18 2022(Updated: )
It was discovered that ImageMagick incorrectly handled certain values when processing XPM image data or large images. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program. (CVE-2020-19667, CVE-2017-13144) Suhwan Song discovered that ImageMagick incorrectly handled memory when processing PNG,PALM,MIFF image data. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program. (CVE-2020-25664, CVE-2020-25665, CVE-2020-25674, CVE-2020-27753) Suhwan Song discovered that ImageMagick incorrectly handled certain values when processing image data. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service. (CVE-2020-25676, CVE-2020-27750, CVE-2020-27760, CVE-2020-27762, CVE-2020-27766, CVE-2020-27770) Zhang Xiaohui discovered that ImageMagick incorrectly handled certain values when processing image data. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service. (CVE-2021-20176, CVE-2021-20241, CVE-2021-20243)
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
ubuntu/libimage-magick-perl | <8:6.8.9.9-7ubuntu5.16+esm2 | 8:6.8.9.9-7ubuntu5.16+esm2 |
=16.04 | ||
All of | ||
ubuntu/imagemagick-common | <8:6.8.9.9-7ubuntu5.16+esm2 | 8:6.8.9.9-7ubuntu5.16+esm2 |
=16.04 | ||
All of | ||
ubuntu/libmagickcore-6.q16-dev | <8:6.8.9.9-7ubuntu5.16+esm2 | 8:6.8.9.9-7ubuntu5.16+esm2 |
=16.04 | ||
All of | ||
ubuntu/libmagickcore-dev | <8:6.8.9.9-7ubuntu5.16+esm2 | 8:6.8.9.9-7ubuntu5.16+esm2 |
=16.04 | ||
All of | ||
ubuntu/imagemagick | <8:6.8.9.9-7ubuntu5.16+esm2 | 8:6.8.9.9-7ubuntu5.16+esm2 |
=16.04 | ||
All of | ||
ubuntu/libimage-magick-q16-perl | <8:6.8.9.9-7ubuntu5.16+esm2 | 8:6.8.9.9-7ubuntu5.16+esm2 |
=16.04 | ||
All of | ||
ubuntu/libmagickcore-6.q16-2-extra | <8:6.8.9.9-7ubuntu5.16+esm2 | 8:6.8.9.9-7ubuntu5.16+esm2 |
=16.04 | ||
All of | ||
ubuntu/imagemagick-6.q16 | <8:6.8.9.9-7ubuntu5.16+esm2 | 8:6.8.9.9-7ubuntu5.16+esm2 |
=16.04 | ||
All of | ||
ubuntu/libmagickcore-6-headers | <8:6.8.9.9-7ubuntu5.16+esm2 | 8:6.8.9.9-7ubuntu5.16+esm2 |
=16.04 | ||
All of | ||
ubuntu/libmagick++-6.q16-5v5 | <8:6.8.9.9-7ubuntu5.16+esm2 | 8:6.8.9.9-7ubuntu5.16+esm2 |
=16.04 | ||
All of | ||
ubuntu/perlmagick | <8:6.8.9.9-7ubuntu5.16+esm2 | 8:6.8.9.9-7ubuntu5.16+esm2 |
=16.04 | ||
All of | ||
ubuntu/libmagickcore-6-arch-config | <8:6.8.9.9-7ubuntu5.16+esm2 | 8:6.8.9.9-7ubuntu5.16+esm2 |
=16.04 | ||
All of | ||
ubuntu/libmagick++-6.q16-dev | <8:6.8.9.9-7ubuntu5.16+esm2 | 8:6.8.9.9-7ubuntu5.16+esm2 |
=16.04 | ||
All of | ||
ubuntu/libmagickwand-6.q16-dev | <8:6.8.9.9-7ubuntu5.16+esm2 | 8:6.8.9.9-7ubuntu5.16+esm2 |
=16.04 | ||
All of | ||
ubuntu/libmagickcore-6.q16-2 | <8:6.8.9.9-7ubuntu5.16+esm2 | 8:6.8.9.9-7ubuntu5.16+esm2 |
=16.04 | ||
All of | ||
ubuntu/libmagickwand-6.q16-2 | <8:6.8.9.9-7ubuntu5.16+esm2 | 8:6.8.9.9-7ubuntu5.16+esm2 |
=16.04 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Contains the following vulnerabilities)
The severity of USN-5335-1 is moderate.
To fix USN-5335-1, update the affected software to version 8:6.8.9.9-7ubuntu5.16+esm2.
The vulnerability affects Ubuntu version 16.04.
Yes, there are known exploits for USN-5335-1.
You can find more information about USN-5335-1 on the Ubuntu security website.