CVE-2022-1115

Name	CVE-2022-1115
Description	A heap-buffer-overflow flaw was found in ImageMagick’s PushShortPixel() function of quantum-private.h file. This vulnerability is triggered when an attacker passes a specially crafted TIFF image file to ImageMagick for conversion, potentially leading to a denial of service.
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
References	DSA-5628-1
Debian Bugs	1013282

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
imagemagick (PTS)	bullseye	8:6.9.11.60+dfsg-1.3+deb11u4	fixed
	bullseye (security)	8:6.9.11.60+dfsg-1.3+deb11u3	fixed
	bookworm	8:6.9.11.60+dfsg-1.6+deb12u2	fixed
	bookworm (security)	8:6.9.11.60+dfsg-1.6+deb12u1	fixed
	trixie	8:6.9.13.12+dfsg1-1	fixed
	sid	8:7.1.1.39+dfsg1-2	fixed

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Origin	Debian Bugs
imagemagick	source	stretch	(not affected)
imagemagick	source	buster	(not affected)
imagemagick	source	bullseye	8:6.9.11.60+dfsg-1.3+deb11u3	DSA-5628-1
imagemagick	source	bookworm	8:6.9.11.60+dfsg-1.6+deb12u1	DSA-5628-1
imagemagick	source	(unstable)	8:6.9.12.98+dfsg1-2		1013282

Notes

[buster] - imagemagick <not-affected> (code is introduced later)
[stretch] - imagemagick <not-affected> (code is introduced later)
https://github.com/ImageMagick/ImageMagick/issues/4974
Fixed by: https://github.com/ImageMagick/ImageMagick6/commit/1f860f52bd8d58737ad883072203391096b30b51 (6.9.12-44)
Introduced by (Support 32-bit tiles TIFF images): https://github.com/ImageMagick/ImageMagick6/commit/b874d50070557eb98bdc6a3095ef476 (6.9.10-88)