PT-2021-3557 · Unknown+5 · Imagemagick+5

Pedro Sampaio

Published

2021-02-15

Updated

2024-06-15

CVE-2021-20246

CVSS v2.0

7.1

High

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions ImageMagick (affected versions not specified)

Description A flaw was found in ImageMagick in MagickCore/resample.c, related to a lack of division by zero check. This issue can be exploited by a remote attacker who submits a crafted file that is processed by ImageMagick, potentially triggering undefined behavior in the form of math division by zero. The highest threat from this issue is to system availability.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Divide By Zero

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-369

Related Identifiers

ALT-PU-2021-1438

ALT-PU-2024-2243

BDU:2021-03654

CVE-2021-20246

DLA-2602-1

DLA-3429-1

MGASA-2021-0156

OESA-2021-1110

OPENSUSE-SU-2021:0377-1

OPENSUSE-SU-2021_0377-1

OPENSUSE-SU-2024:11564-1

SUSE-SU-2021:0600-1

SUSE-SU-2021:0605-1

SUSE-SU-2023:4634-1

USN-5158-1

USN-5736-1

USN-5736-2

USN-6200-1

Affected Products

Alt Linux

Astra Linux

Imagemagick

Linuxmint

Suse

Ubuntu

PT-2021-3557 · Unknown+5 · Imagemagick+5

CVE-2021-20246

Weakness Enumeration

Related Identifiers

Affected Products

References · 166