← Back

CVE-2017-18209

nvd nist
Published: Mar 1, 2018Modified: Nov 21, 2024

JSON object

Loading...
8.8
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 2.8 / Impact: 5.9
Source: NVD

Description

In the GetOpenCLCachedFilesDirectory function in magick/opencl.c in ImageMagick 7.0.7, a NULL pointer dereference vulnerability occurs because a memory allocation result is not checked, related to GetOpenCLCacheDirectory.

Affected (30)

Imagemagick
1 product
Imagemagick
Canonical
1 product
Ubuntu Linux
Configuration A
26 vulnerable
Vulnerable SoftwareAffected Versions
Imagemagick
Imagemagick
Version 7.0.7-0
Imagemagick
Version 7.0.7-10
Imagemagick
Version 7.0.7-11
Imagemagick
Version 7.0.7-12
Imagemagick
Version 7.0.7-13
Imagemagick
Version 7.0.7-14
Imagemagick
Version 7.0.7-15
Imagemagick
Version 7.0.7-16
Imagemagick
Version 7.0.7-17
Imagemagick
Version 7.0.7-18
Imagemagick
Version 7.0.7-19
Imagemagick
Version 7.0.7-1
Imagemagick
Version 7.0.7-20
Imagemagick
Version 7.0.7-21
Imagemagick
Version 7.0.7-22
Imagemagick
Version 7.0.7-23
Imagemagick
Version 7.0.7-24
Imagemagick
Version 7.0.7-25
Imagemagick
Version 7.0.7-2
Imagemagick
Version 7.0.7-3
Imagemagick
Version 7.0.7-4
Imagemagick
Version 7.0.7-5
Imagemagick
Version 7.0.7-6
Imagemagick
Version 7.0.7-8
Imagemagick
Version 7.0.7-9
Imagemagick
Version 7.0.7.7
Configuration B
4 vulnerable
Vulnerable SoftwareAffected Versions
Canonical
Ubuntu Linux
Version 14.04
Ubuntu Linux
Version 16.04
Ubuntu Linux
Version 17.10
Ubuntu Linux
Version 18.04

Related CWEs

CWE-476
NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.

References (8)

Source: cve@mitre.org
Third Party AdvisoryVDB Entry
Source: cve@mitre.org
Issue TrackingPatchThird Party Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Issue TrackingPatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory

Timeline

No history available yet.