CVSS3 Metric | Value |
---|---|
Attack Vector | LOCAL |
Attack Complexity | LOW |
Privileges Required | NONE |
User Interaction | REQUIRED |
Scope | UNCHANGED |
Confidentiality Impact | NONE |
Integrity Impact | NONE |
Availability Impact | HIGH |
Vector | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |

EPSS Percentile: 41.6%

A vulnerability was discovered in ImageMagick where a specially created SVG
file loads itself and causes a segmentation fault. This flaw allows a
remote attacker to pass a specially crafted SVG file that leads to a
segmentation fault, generating many trash files in “/tmp”, resulting in a
denial of service. When ImageMagick crashes, it generates a lot of trash
files. These trash files can be large if the SVG file contains many render
actions. In a denial of service attack, if a remote attacker uploads an SVG
file of size t, ImageMagick generates files of size 103*t. If an attacker
uploads a 100M SVG, the server will generate about 10G.

Author | Note |
---|---|
rodrigo-zaiden | Vulnerability was added at some point in 6.9.x. It does not reproduce in older versions. In Ubuntu it affects bionic and later. Additional patches may be needed, some data structures are not available in ImageMagick6, and there is no commit from upstream in ImageMagick6. |

OS | OS Version | Architecture | Package | Package Version | Filename |
---|---|---|---|---|---|
ubuntu | 20.04 | noarch | imagemagick | < 8:6.9.10.23+dfsg-2.1ubuntu11.10 | UNKNOWN |
ubuntu | 22.04 | noarch | imagemagick | < 8:6.9.11.60+dfsg-1.3ubuntu0.22.04.5 | UNKNOWN |
ubuntu | 22.10 | noarch | imagemagick | < 8:6.9.11.60+dfsg-1.3ubuntu0.22.10.5 | UNKNOWN |
ubuntu | 23.04 | noarch | imagemagick | < 8:6.9.11.60+dfsg-1.6ubuntu0.23.04.1 | UNKNOWN |
ubuntu | 23.10 | noarch | imagemagick | < 8:6.9.11.60+dfsg-1.6ubuntu1 | UNKNOWN |
ubuntu | 24.04 | noarch | imagemagick | < 8:6.9.11.60+dfsg-1.6ubuntu1 | UNKNOWN |
github.com/ImageMagick/ImageMagick/security/advisories/GHSA-j96m-mjp6-99xr
launchpad.net/bugs/cve/CVE-2023-1289
nvd.nist.gov/vuln/detail/CVE-2023-1289
security-tracker.debian.org/tracker/CVE-2023-1289
ubuntu.com/security/notices/USN-6200-1
ubuntu.com/security/notices/USN-6200-2
www.cve.org/CVERecord?id=CVE-2023-1289