Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Tue, 03 Oct 2017 07:30:06 +0000
From: Terry Chia <>
Subject: Graphicsmagick: NULL Pointer Dereference in DICOM Decoder (CVE-2017-14994)

A null pointer dereference vulnerability in the GraphicsMagick DICOM image
decoder allows an attacker to cause a denial-of-service condition or other
unspecified impact.


30 Sept 2017 - Discovery of the vulnerability.
1 Oct 2017 - Disclosure of vulnerability to the vendor.
1 Oct 2017 - Vulnerability fixed in mercurial commit.
2 Oct 2017 - CVE number requested.
3 Oct 2017 - CVE-2017-14994 assigned.
3 Oct 2017 - Advisory sent to oss-security mailing list.

This issue was discovered by Terry Chia (Ayrx) and Jeremy Heng (@nn_amon).

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ