vulnerability
SUSE: CVE-2017-14172: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:N/I:N/A:C) | Sep 7, 2017 | Dec 20, 2017 | Aug 12, 2021 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:N/I:N/A:C)
Published
Sep 7, 2017
Added
Dec 20, 2017
Modified
Aug 12, 2021
Description
In coders/ps.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large "extent" field in the header but does not contain sufficient backing data, is provided, the loop over "length" would consume huge CPU resources, since there is no EOF check inside the loop.
Solutions
suse-upgrade-imagemagicksuse-upgrade-imagemagick-config-6-susesuse-upgrade-imagemagick-config-6-upstreamsuse-upgrade-imagemagick-develsuse-upgrade-libmagick-1suse-upgrade-libmagick-6_q16-3suse-upgrade-libmagick-develsuse-upgrade-libmagickcore-6_q16-1suse-upgrade-libmagickcore-6_q16-1-32bitsuse-upgrade-libmagickcore1suse-upgrade-libmagickcore1-32bitsuse-upgrade-libmagickwand-6_q16-1suse-upgrade-libmagickwand1suse-upgrade-libmagickwand1-32bitsuse-upgrade-perl-perlmagick
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.