Описание
A flaw was found in the opj2_decompress program in openjpeg2 2.4.0 in the way it handles an input directory with a large number of files. When it fails to allocate a buffer to store the filenames of the input directory, it calls free() on an uninitialized pointer, leading to a segmentation fault and a denial of service.
A flaw was found in the opj2_decompress program in openjpeg2 in the way it handles an input directory with a large number of files. When it fails to allocate a buffer to store the filenames of the input directory, it calls free() on an uninitialized pointer, leading to a segmentation fault and a denial of service.
Отчет
This flaw affects the opj2_compress utility but is not in the openjpeg2 library. Therefore, the attack vector is local to the opj2_compress utility and would require an attacker to convince a user to open a directory with an extremely large number of files using opj2_compress, or a script to be feeding such arbitrary, untrusted files to opj2_compress.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | openjpeg | Out of support scope | ||
| Red Hat Enterprise Linux 7 | openjpeg | Out of support scope | ||
| Red Hat Enterprise Linux 7 | openjpeg2 | Out of support scope | ||
| Red Hat Enterprise Linux 8 | gimp:flatpak/openjpeg2 | Not affected | ||
| Red Hat Enterprise Linux 8 | inkscape:flatpak/openjpeg2 | Not affected | ||
| Red Hat Enterprise Linux 8 | libreoffice:flatpak/openjpeg2 | Not affected | ||
| Red Hat Enterprise Linux 9 | libreoffice:flatpak/openjpeg2 | Not affected | ||
| Red Hat Enterprise Linux 8 | openjpeg2 | Fixed | RHSA-2022:7645 | 08.11.2022 |
| Red Hat Enterprise Linux 9 | openjpeg2 | Fixed | RHSA-2022:8207 | 15.11.2022 |
Показывать по
Дополнительная информация
Статус:
5.1 Medium
CVSS3
Связанные уязвимости
A flaw was found in the opj2_decompress program in openjpeg2 2.4.0 in the way it handles an input directory with a large number of files. When it fails to allocate a buffer to store the filenames of the input directory, it calls free() on an uninitialized pointer, leading to a segmentation fault and a denial of service.
A flaw was found in the opj2_decompress program in openjpeg2 2.4.0 in the way it handles an input directory with a large number of files. When it fails to allocate a buffer to store the filenames of the input directory, it calls free() on an uninitialized pointer, leading to a segmentation fault and a denial of service.
A flaw was found in the opj2_decompress program in openjpeg2 2.4.0 in ...
5.1 Medium
CVSS3