A memory leak was discovered in ImageMagick in the XMagickCommand function in animate.c file. An array of strings, named filelist, is allocated on the heap but not released in case the function ExpandFilenames returns an error code.
Platform | Package | Release Date | Advisory |
---|---|---|---|
Amazon Linux 1 | ImageMagick | 2024-03-13 19:46 | ALAS-2024-1926 |
Amazon Linux 2 - Core | ImageMagick | 2020-10-22 17:05 | ALAS2-2020-1497 |
Amazon Linux 2 - Core | ImageMagick | 2024-01-19 01:51 | ALAS2-2024-2432 |
Amazon Linux 1 | php-pecl-imagick | 2020-06-23 07:03 | ALAS-2020-1391 |
Amazon Linux 1 | php54-pecl-imagick | 2023-08-21 12:14 | ALAS-2023-1810 |
Amazon Linux 1 | php55-pecl-imagick | 2023-08-21 12:14 | ALAS-2023-1812 |
Amazon Linux 1 | php56-pecl-imagick | 2023-08-21 12:14 | ALAS-2023-1811 |
Amazon Linux 1 | php70-pecl-imagick | 2023-08-21 12:14 | ALAS-2023-1813 |
Amazon Linux 1 | php71-pecl-imagick | 2023-08-21 12:14 | ALAS-2023-1814 |
Amazon Linux 1 | php72-pecl-imagick | 2023-08-21 12:14 | ALAS-2023-1815 |
Score Type | Score | Vector | |
---|---|---|---|
Amazon Linux | CVSSv3 | 3.5 | CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L |
NVD | CVSSv2 | 4.3 | AV:N/AC:M/Au:N/C:N/I:N/A:P |
NVD | CVSSv3 | 6.5 | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |