SB2017011608 - OpenSUSE Linux update for openjpeg2 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2017011608

SB2017011608 - OpenSUSE Linux update for openjpeg2

Published: January 16, 2017

Security Bulletin ID SB2017011608
Severity
High
Patch available
YES
Number of vulnerabilities 13
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 23% Medium 69% Low 8%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 13 secuirty vulnerabilities.


1) NULL pointer dereference (CVE-ID: CVE-2016-7445)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error. A remote attacker can trigger denial of service conditions via vectors involving the variable s.


2) Buffer overflow (CVE-ID: CVE-2016-8332)

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

A buffer overflow in OpenJPEG 2.1.1 causes arbitrary code execution when parsing a crafted image. An exploitable code execution vulnerability exists in the jpeg2000 image file format parser as implemented in the OpenJpeg library. A specially crafted jpeg2000 file can cause an out of bound heap write resulting in heap corruption leading to arbitrary code execution. For a successful attack, the target user needs to open a malicious jpeg2000 file. The jpeg2000 image file format is mostly used for embedding images inside PDF documents and the OpenJpeg library is used by a number of popular PDF renderers making PDF documents a likely attack vector.


3) Division by zero (CVE-ID: CVE-2016-9112)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

Floating Point Exception (aka FPE or divide by zero) in opj_pi_next_cprl function in openjp2/pi.c:523 in OpenJPEG 2.1.2.


4) NULL pointer dereference (CVE-ID: CVE-2016-9113)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in function imagetobmp of convertbmp.c:980 of OpenJPEG 2.1.2. image->comps[0].data is not assigned a value after initialization(NULL). Impact is Denial of Service. A remote attacker can perform a denial of service (DoS) attack.


5) NULL pointer dereference (CVE-ID: CVE-2016-9114)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

There is a NULL Pointer Access in function imagetopnm of convert.c:1943(jp2) of OpenJPEG 2.1.2. image->comps[compno].data is not assigned a value after initialization(NULL). Impact is Denial of Service.


6) Buffer overflow (CVE-ID: CVE-2016-9115)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

Heap Buffer Over-read in function imagetotga of convert.c(jp2):942 in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.


7) NULL pointer dereference (CVE-ID: CVE-2016-9116)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

NULL Pointer Access in function imagetopnm of convert.c:2226(jp2) in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.


8) NULL pointer dereference (CVE-ID: CVE-2016-9117)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

NULL Pointer Access in function imagetopnm of convert.c(jp2):1289 in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.


9) Buffer overflow (CVE-ID: CVE-2016-9118)

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

Heap Buffer Overflow (WRITE of size 4) in function pnmtoimage of convert.c:1719 in OpenJPEG 2.1.2.


10) NULL pointer dereference (CVE-ID: CVE-2016-9572)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the way openjpeg 2.1.2 decoded certain input images. Due to a logic error in the code responsible for decoding the input image, an application using openjpeg to process image data could crash when processing a crafted image. A remote attacker can perform a denial of service (DoS) attack.


11) Heap-based buffer overflow (CVE-ID: CVE-2016-9573)

The vulnerability allows a remote attacker to obtain potentially sensitive information or cause the service to crash.

The vulnerability exists in the j2k_to_image component due to due to a heap-based buffer overflow when the j2k_to_image tool handles red, green, blue, and alpha (RGBA) channel dimensions. A remote attacker can execute an application that submits malicious input, trigger out-of-bounds read and gain access to potentially sensitive information or cause the service to crash.


12) Integer overflow (CVE-ID: CVE-2016-9580)

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

An integer overflow vulnerability was found in tiftoimage function in openjpeg 2.1.2, resulting in heap buffer overflow.


13) Buffer overflow (CVE-ID: CVE-2016-9581)

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

An infinite loop vulnerability in tiftoimage that results in heap buffer overflow in convert_32s_C1P1 was found in openjpeg 2.1.2.


Remediation

Install update from vendor's website.

References