Ubuntu 22.10: USN-5736-1 Critical: ImageMagick Denial Of Service
ubuntu
November 24, 2022
Several security issues were fixed in ImageMagick.
Summary
Several security issues were fixed in ImageMagick.
Software Description:
- imagemagick: Image manipulation programs and library
Details:
It was discovered that ImageMagick incorrectly handled certain values
when processing PDF files. If a user or automated system using ImageMagick
were tricked into opening a specially crafted PDF file, an attacker could
exploit this to cause a denial of service. This issue only affected Ubuntu
14.04 ESM, Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. (CVE-2021-20224)
Zhang Xiaohui discovered that ImageMagick incorrectly handled certain
values when processing image data. If a user or automated system using
ImageMagick were tricked into opening a specially crafted image, an
attacker could exploit this to cause a denial of service. This issue only
affected Ubuntu 18.04 LTS and Ubuntu 22.10. (CVE-2021-20241)
Zhang Xiaohui discovered that ImageMagick incorrectly handled certain
values when processing image data. If a user or automated ...
Update Instructions
The problem can be corrected by updating your system to the following package versions: Ubuntu 22.10: imagemagick 8:6.9.11.60+dfsg-1.3ubuntu0.22.10.1 imagemagick-6-common 8:6.9.11.60+dfsg-1.3ubuntu0.22.10.1 imagemagick-6.q16 8:6.9.11.60+dfsg-1.3ubuntu0.22.10.1 imagemagick-6.q16hdri 8:6.9.11.60+dfsg-1.3ubuntu0.22.10.1 imagemagick-common 8:6.9.11.60+dfsg-1.3ubuntu0.22.10.1 libimage-magick-perl 8:6.9.11.60+dfsg-1.3ubuntu0.22.10.1 libimage-magick-q16-perl 8:6.9.11.60+dfsg-1.3ubuntu0.22.10.1 libmagick++-6.q16-8 8:6.9.11.60+dfsg-1.3ubuntu0.22.10.1 libmagick++-6.q16-dev 8:6.9.11.60+dfsg-1.3ubuntu0.22.10.1 libmagick++-6.q16hdri-8 8:6.9.11.60+dfsg-1.3ubuntu0.22.10.1 libmagick++-dev 8:6.9.11.60+dfsg-1.3ubuntu0.22.10.1 libmagickcore-6-arch-config 8:6.9.11.60+dfsg-1.3ubuntu0.22.10.1 libmagickcore-6-headers 8:6.9.11.60+dfsg-1.3ubuntu0.22.10.1 libmagickcore-6.q16-6 8:6.9.11.60+dfsg-1.3ubuntu0.22.10.1 libmagickcore-6.q16-6-extra 8:6.9.11.60+dfsg-1.3ubuntu0.22.10.1 libmagickcore-6.q16-dev 8:6.9.11.60+dfsg-1.3ubuntu0.22.10.1 libmagickcore-6.q16hdri-6 8:6.9.11.60+dfsg-1.3ubuntu0.22.10.1 libmagickcore-dev 8:6.9.11.60+dfsg-1.3ubuntu0.22.10.1 libmagickwand-6.q16-6 8:6.9.11.60+dfsg-1.3ubuntu0.22.10.1 libmagickwand-6.q16-dev 8:6.9.11.60+dfsg-1.3ubuntu0.22.10.1 libmagickwand-dev 8:6.9.11.60+dfsg-1.3ubuntu0.22.10.1 perlmagick 8:6.9.11.60+dfsg-1.3ubuntu0.22.10.1 Ubuntu 18.04 LTS: imagemagick 8:6.9.7.4+dfsg-16ubuntu6.14 imagemagick-6-common 8:6.9.7.4+dfsg-16ubuntu6.14 imagemagick-6.q16 8:6.9.7.4+dfsg-16ubuntu6.14 imagemagick-6.q16hdri 8:6.9.7.4+dfsg-16ubuntu6.14 imagemagick-common 8:6.9.7.4+dfsg-16ubuntu6.14 libimage-magick-perl 8:6.9.7.4+dfsg-16ubuntu6.14 libimage-magick-q16-perl 8:6.9.7.4+dfsg-16ubuntu6.14 libmagick++-6.q16-7 8:6.9.7.4+dfsg-16ubuntu6.14 libmagick++-6.q16-dev 8:6.9.7.4+dfsg-16ubuntu6.14 libmagick++-6.q16hdri-7 8:6.9.7.4+dfsg-16ubuntu6.14 libmagick++-dev 8:6.9.7.4+dfsg-16ubuntu6.14 libmagickcore-6-arch-config 8:6.9.7.4+dfsg-16ubuntu6.14 libmagickcore-6-headers 8:6.9.7.4+dfsg-16ubuntu6.14 libmagickcore-6.q16-3 8:6.9.7.4+dfsg-16ubuntu6.14 libmagickcore-6.q16-3-extra 8:6.9.7.4+dfsg-16ubuntu6.14 libmagickcore-6.q16-dev 8:6.9.7.4+dfsg-16ubuntu6.14 libmagickcore-6.q16hdri-3 8:6.9.7.4+dfsg-16ubuntu6.14 libmagickcore-dev 8:6.9.7.4+dfsg-16ubuntu6.14 libmagickwand-6.q16-3 8:6.9.7.4+dfsg-16ubuntu6.14 libmagickwand-6.q16-dev 8:6.9.7.4+dfsg-16ubuntu6.14 libmagickwand-dev 8:6.9.7.4+dfsg-16ubuntu6.14 perlmagick 8:6.9.7.4+dfsg-16ubuntu6.14 Ubuntu 16.04 ESM: imagemagick 8:6.8.9.9-7ubuntu5.16+esm5 imagemagick-6.q16 8:6.8.9.9-7ubuntu5.16+esm5 imagemagick-common 8:6.8.9.9-7ubuntu5.16+esm5 libimage-magick-perl 8:6.8.9.9-7ubuntu5.16+esm5 libimage-magick-q16-perl 8:6.8.9.9-7ubuntu5.16+esm5 libmagick++-6.q16-5v5 8:6.8.9.9-7ubuntu5.16+esm5 libmagick++-6.q16-dev 8:6.8.9.9-7ubuntu5.16+esm5 libmagick++-dev 8:6.8.9.9-7ubuntu5.16+esm5 libmagickcore-6-arch-config 8:6.8.9.9-7ubuntu5.16+esm5 libmagickcore-6-headers 8:6.8.9.9-7ubuntu5.16+esm5 libmagickcore-6.q16-2 8:6.8.9.9-7ubuntu5.16+esm5 libmagickcore-6.q16-2-extra 8:6.8.9.9-7ubuntu5.16+esm5 libmagickcore-6.q16-dev 8:6.8.9.9-7ubuntu5.16+esm5 libmagickcore-dev 8:6.8.9.9-7ubuntu5.16+esm5 libmagickwand-6.q16-2 8:6.8.9.9-7ubuntu5.16+esm5 libmagickwand-6.q16-dev 8:6.8.9.9-7ubuntu5.16+esm5 libmagickwand-dev 8:6.8.9.9-7ubuntu5.16+esm5 perlmagick 8:6.8.9.9-7ubuntu5.16+esm5 Ubuntu 14.04 ESM: imagemagick 8:6.7.7.10-6ubuntu3.13+esm3 imagemagick-common 8:6.7.7.10-6ubuntu3.13+esm3 libmagick++-dev 8:6.7.7.10-6ubuntu3.13+esm3 libmagick++5 8:6.7.7.10-6ubuntu3.13+esm3 libmagickcore-dev 8:6.7.7.10-6ubuntu3.13+esm3 libmagickcore5 8:6.7.7.10-6ubuntu3.13+esm3 libmagickcore5-extra 8:6.7.7.10-6ubuntu3.13+esm3 libmagickwand-dev 8:6.7.7.10-6ubuntu3.13+esm3 libmagickwand5 8:6.7.7.10-6ubuntu3.13+esm3 perlmagick 8:6.7.7.10-6ubuntu3.13+esm3 In general, a standard system update will make all the necessary changes.
References
CVE-2021-20224, CVE-2021-20241, CVE-2021-20243, CVE-2021-20244,
CVE-2021-20245, CVE-2021-20246, CVE-2021-20309, CVE-2021-20312,
CVE-2021-20313, CVE-2021-3574, CVE-2021-39212, CVE-2021-4219,
CVE-2022-1114, CVE-2022-28463, CVE-2022-32545, CVE-2022-32546,
CVE-2022-32547
PREVIOUS 
NEXT Severity
critical
Lowest
Low
Medium
High
Critical
November 24, 2022
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!