Oval Definition:oval:org.opensuse.security:def:202334475
Revision Date:2023-06-22Version:1
Title:CVE-2023-34475
Description:

A heap use after free issue was discovered in ImageMagick's ReplaceXmpValue() function in MagickCore/profile.c. An attacker could trick user to open a specially crafted file to convert, triggering an heap-use-after-free write error, allowing an application to crash, resulting in a denial of service.
Family:unixClass:vulnerability
Status:Reference(s):Mitre CVE-2023-34475
SUSE CVE-2023-34475
Platform(s):SUSE Linux Enterprise Desktop 15 SP5
SUSE Linux Enterprise High Performance Computing 15 SP5
SUSE Linux Enterprise Module for Desktop Applications 15 SP5
SUSE Linux Enterprise Module for Development Tools 15 SP5
SUSE Linux Enterprise Server 15 SP5
SUSE Linux Enterprise Server for SAP Applications 15 SP5
Product(s):
Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 15 SP5 is installed
  • OR SUSE Linux Enterprise High Performance Computing 15 SP5 is installed
  • OR SUSE Linux Enterprise Module for Development Tools 15 SP5 is installed
  • OR SUSE Linux Enterprise Server 15 SP5 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP5 is installed
  • AND perl-PerlMagick is not affected
  • OR Package Information
  • SUSE Linux Enterprise Desktop 15 SP5 is installed
  • OR SUSE Linux Enterprise High Performance Computing 15 SP5 is installed
  • OR SUSE Linux Enterprise Module for Desktop Applications 15 SP5 is installed
  • OR SUSE Linux Enterprise Server 15 SP5 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP5 is installed
  • AND
  • ImageMagick is not affected
  • OR ImageMagick-config-7-SUSE is not affected
  • OR ImageMagick-config-7-upstream is not affected
  • OR ImageMagick-devel is not affected
  • OR libMagick++-7_Q16HDRI5 is not affected
  • OR libMagick++-devel is not affected
  • OR libMagickCore-7_Q16HDRI10 is not affected
  • OR libMagickWand-7_Q16HDRI10 is not affected
    • BACK