CVE-2021-20311
Summary
| CVE | CVE-2021-20311 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2021-05-11 23:15:00 UTC |
|---|
| Updated | 2021-05-17 19:50:00 UTC |
|---|
| Description | A flaw was found in ImageMagick in versions before 7.0.11, where a division by zero in sRGBTransformImage() in the MagickCore/colorspace.c may trigger undefined behavior via a crafted image file that is submitted by an attacker processed by an application using ImageMagick. The highest threat from this vulnerability is to system availability. |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| 1946739 – (CVE-2021-20311) CVE-2021-20311 ImageMagick: Division by zero in sRGBTransformImage() in MagickCore/colorspace.c |
MISC |
bugzilla.redhat.com |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 174933 SUSE Enterprise Linux Security Update for ImageMagick (SUSE-SU-2021:1277-1)
- 174936 SUSE Enterprise Linux Security Update for ImageMagick (SUSE-SU-2021:1276-1)
- 501583 Alpine Linux Security Update for imagemagick
- 501868 Alpine Linux Security Update for imagemagick
- 670541 EulerOS Security Update for ImageMagick (EulerOS-SA-2021-2299)
- 670576 EulerOS Security Update for ImageMagick (EulerOS-SA-2021-2334)
- 670627 EulerOS Security Update for ImageMagick (EulerOS-SA-2021-2385)
- 670861 EulerOS Security Update for ImageMagick (EulerOS-SA-2021-2334)
- 690139 Free Berkeley Software Distribution (FreeBSD) Security Update for imagemagick7 (a7c60af1-b3f1-11eb-a5f7-a0f3c100ae18)
- 750249 OpenSUSE Security Update for ImageMagick (openSUSE-SU-2021:0606-1)
