Published: 30 July 2017
The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file that is mishandled in an AcquireSemaphoreInfo call.
CVSS 3 base score: 6.5
upstream says possibly fixed by fix for CVE-2017-11751
not fixing memory leak in trusty and xenial