Missing Release of Resource after Effective Lifetime Affecting imagemagick package, versions <8:6.9.9.34+dfsg-3

Q: How to fix?

Upgrade Debian:13 imagemagick to version 8:6.9.9.34+dfsg-3 or higher.

Threat Intelligence

0.53% (67^th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Snyk IDSNYK-DEBIAN13-IMAGEMAGICK-5682763
published18 Sept 2017
disclosed18 Sept 2017

Report a new vulnerability Found a mistake?

Introduced: 18 Sep 2017

CVE-2017-14533 (opens in a new tab) CWE-772 (opens in a new tab)

How to fix?

Upgrade Debian:13 imagemagick to version 8:6.9.9.34+dfsg-3 or higher.

NVD Description

Note: Versions mentioned in the description apply only to the upstream imagemagick package and not the imagemagick package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

ImageMagick 7.0.6-6 has a memory leak in ReadMATImage in coders/mat.c.

References

https://security-tracker.debian.org/tracker/CVE-2017-14533
https://github.com/ImageMagick/ImageMagick/issues/648
http://www.securityfocus.com/bid/100885
http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-14533
https://usn.ubuntu.com/3681-1/