CVE-2017-18008
Description
Memory leak in ImageMagick's ReadPWPImage function can be exploited via crafted PWP files to cause denial of service.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Memory leak in ImageMagick's ReadPWPImage function can be exploited via crafted PWP files to cause denial of service.
Vulnerability
In ImageMagick 7.0.7-17 Q16, the ReadPWPImage function in coders/pwp.c contains a memory leak [2]. When processing a PWP image, the function allocates memory via AcquireImageInfo and CloneImageInfo but fails to release it properly, resulting in a direct leak of 13,024 bytes and an indirect leak of 88 bytes per call [2]. This affects all versions prior to the fix.
Exploitation
An attacker can trigger the memory leak by providing a specially crafted PWP image file. No authentication is required; the vulnerability is exploitable if the victim processes the file using ImageMagick (e.g., via convert or an automated service) [1]. The leak occurs during the initial reading of the image, so no complex sequence is needed [2].
Impact
The memory leak leads to gradual exhaustion of system memory when multiple malicious files are processed, causing a denial-of-service condition [1]. While the immediate impact is limited to denial of service, the advisory from Ubuntu notes that other ImageMagick vulnerabilities in the same update could allow code execution [1].
Mitigation
The vulnerability is fixed in ImageMagick version 7.0.7-18 and later [2]. Ubuntu users can update to the packages provided in USN-3681-1 (released 2018-06-11) for Ubuntu 14.04, 16.04, 17.10, and 18.04 LTS [1]. Users unable to upgrade should avoid processing untrusted PWP files.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
12- Range: 7.0.7-17
- osv-coords11 versionspkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP2pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP3
< 6.8.8.1-71.33.1+ 10 more
- (no CPE)range: < 6.8.8.1-71.33.1
- (no CPE)range: < 6.8.8.1-71.33.1
- (no CPE)range: < 6.8.8.1-71.33.1
- (no CPE)range: < 6.8.8.1-71.33.1
- (no CPE)range: < 6.8.8.1-71.33.1
- (no CPE)range: < 6.8.8.1-71.33.1
- (no CPE)range: < 6.8.8.1-71.33.1
- (no CPE)range: < 6.8.8.1-71.33.1
- (no CPE)range: < 6.8.8.1-71.33.1
- (no CPE)range: < 6.8.8.1-71.33.1
- (no CPE)range: < 6.8.8.1-71.33.1
Patches
0No patches discovered yet.
Vulnerability mechanics
Root cause
"A memory leak occurs in the ReadPWPImage function when processing PWP image files."
Attack vector
An attacker can trigger this vulnerability by providing a specially crafted PWP image file to the ImageMagick `convert` utility. Processing this file causes memory to be allocated but not deallocated, leading to a leak. The vulnerability is present in ImageMagick version 7.0.7-17 Q16 [ref_id=1].
Affected code
The memory leak is located in the `ReadPWPImage` function within the `coders/pwp.c` file [ref_id=1]. The leak is triggered during the image reading process, specifically involving memory allocations for image information, cloning image information, and potentially semaphore and splay tree operations related to image processing [ref_id=1].
What the fix does
The provided bundle does not contain a patch file or specific details on the fix. However, the vulnerability is described as a memory leak in the `ReadPWPImage` function within `coders/pwp.c` [ref_id=1]. Remediation would involve ensuring all allocated memory within this function is properly freed.
Preconditions
- inputA specially crafted PWP image file.
- configThe vulnerable version of ImageMagick (7.0.7-17 Q16) must be installed.
Reproduction
The reference write-up provides a test case command: `magick convert Memory-Leak-ReadPWPImage /dev/null` and a link to a proof-of-concept repository [ref_id=1].
Generated on Jun 3, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
3- usn.ubuntu.com/3681-1/mitrevendor-advisoryx_refsource_UBUNTU
- www.securityfocus.com/bid/102346mitrevdb-entryx_refsource_BID
- github.com/ImageMagick/ImageMagick/issues/921mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.