Multiple vulnerabilities in OpenJPEG
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 3 |
| CVE-ID | CVE-2024-56826 CVE-2023-39327 CVE-2024-56827 |
| CWE-ID | CWE-122 CWE-835 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
OpenJPEG Universal components / Libraries / Libraries used by multiple products |
| Vendor | openjpeg.org |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) Heap-based buffer overflow
EUVDB-ID: #VU101962
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2024-56826
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsOpenJPEG: 2.5.0 - 2.5.2
CPE2.3- cpe:2.3:a:openjpeg_org:openjpeg:2.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:openjpeg_org:openjpeg:2.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:openjpeg_org:openjpeg:2.5.2:*:*:*:*:*:*:*
https://github.com/uclouvain/openjpeg/issues/1563
https://github.com/uclouvain/openjpeg/pull/1566
https://github.com/uclouvain/openjpeg/pull/1566/commits/98592ee6d6904f1b48e8207238779b89a63befa2
https://github.com/uclouvain/openjpeg/commit/e492644fbded4c820ca55b5e50e598d346e850e8
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Infinite loop
EUVDB-ID: #VU101965
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-39327
CWE-ID:
CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop. A remote attacker can consume all available system resources and cause denial of service conditions.
MitigationInstall updates from vendor's website.
Vulnerable software versionsOpenJPEG: 2.5.0 - 2.5.2
CPE2.3- cpe:2.3:a:openjpeg_org:openjpeg:2.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:openjpeg_org:openjpeg:2.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:openjpeg_org:openjpeg:2.5.2:*:*:*:*:*:*:*
https://bugzilla.redhat.com/show_bug.cgi?id=2295812
https://github.com/uclouvain/openjpeg/issues/1472
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Heap-based buffer overflow
EUVDB-ID: #VU102955
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2024-56827
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the opj_j2k_add_tlmarker() function in src/lib/openjp2/j2k.c. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsOpenJPEG: 2.0 - 2.5.2
CPE2.3- cpe:2.3:a:openjpeg_org:openjpeg:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:openjpeg_org:openjpeg:2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:openjpeg_org:openjpeg:2.1:*:*:*:*:*:*:*
https://bugzilla.redhat.com/show_bug.cgi?id=2335174
https://github.com/uclouvain/openjpeg/commit/e492644fbded4c820ca55b5e50e598d346e850e8
https://github.com/uclouvain/openjpeg/issues/1564
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
