Important Information Regarding ImageMagick Vulnerability (CVE-2016-8707)

2016-12-09 12:00:00

Severity
Important
Status
Resolved

Description

A buffer overflow issue that led to a security vulnerability in ImageMagick was found. Unprivileged local users could exploit this vulnerability to trigger root remote code execution by uploading a crafted TIFF file.

Severity

Important

Update Availability

Synology will release a DSM 6.0 update (6.0.2-8451-6) to address this issue in the coming weeks.

Mitigation

  • DSM
    1. Go to Control Panel > Applications > Terminal & SNMP and tick ""Enable SSH service.""
    2. Log into DSM via SSH as “admin” or “root” and execute the following command:
      • For DSM 6.0:
      • $ sudo sed -i "\$i <policy domain=\"coder\" rights=\"none\" pattern=\"TIFF\" />" /usr/bin/ImageMagick-6/policy.xml
      • For DSM 5.2-5967 Update 1 or later versions of DSM 5.2:
      • # sed -i "\$i <policy domain=\"coder\" rights=\"none\" pattern=\"TIFF\" />" /usr/bin/ImageMagick-6/policy.xml
  • SRM
    1. Go to Control Panel > Services > System Services > Terminal and tick ""Enable SSH service.""
    2. Log into SRM via SSH as “root” and execute the following command:
      • # sed -i "\$i <policy domain=\"coder\" rights=\"none\" pattern=\"TIFF\" />" /usr/bin/ImageMagick-6/policy.xml

Since the mitigation mentioned above may cause errors in the results of Security Advisor in DSM, we recommend installing DSM 6.0.2-8451-6 and SRM 1.1.2-6425-2 to fix this issue.

References

http://blog.talosintel.com/2016/12/ImageMagick-Tiff-out-of-Bounds.html
http://www.talosintelligence.com/reports/TALOS-2016-0216
http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-8655.html
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=84ac7260236a49c79eede91617700174c2c19b0c