exploitDog

CVE-2025-54874

Published: 05 Aug 2025
Source: redhat
CVSS3: 8

Description

OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG 2.5.3 and earlier, a call to opj_jp2_read_header may lead to OOB heap memory write when the data stream p_stream is too short and p_image is not initialized.

An out-of-bounds heap memory write (OOB) flaw was found in OpenJPEG. A call to opj_jp2_read_header may lead to an OOB heap memory write when the data stream p_stream is too short and p_image is not initialized.

Report

This vulnerability is Important rather than Moderate because it allows a malformed or truncated data stream to trigger a heap-based out-of-bounds (OOB) write, which directly corrupts memory. Unlike read-based issues or null dereference crashes that typically lead to denial of service, an OOB write has the potential to alter program control flow, leading to arbitrary code execution under certain conditions. The affected pointer p_image is dereferenced without verifying the success of the header parsing routine, and if it's left uninitialized due to a parsing failure, writing to it results in undefined behavior.

Mitigation

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Affected packages

| Platform | Package | State | Advisory | Release |
| --- | --- | --- | --- | --- |
| Red Hat Enterprise Linux 6 | openjpeg | Out of support scope | | |
| Red Hat Enterprise Linux 7 | openjpeg | Not affected | | |
| Red Hat Enterprise Linux 7 | openjpeg2 | Not affected | | |
| Red Hat Enterprise Linux 8 | openjpeg2 | Not affected | | |
| Red Hat Enterprise Linux 9 | openjpeg2 | Not affected | | |
| Red Hat Enterprise Linux AI (RHEL AI) | libpdfium | Not affected | | |
| Red Hat Enterprise Linux 10 | openjpeg2 | Fixed | RHSA-2025:13944 | 18.08.2025 |

Additional information

Status: Important
Defect: CWE-457
https://bugzilla.redhat.com/show_bug.cgi?id=2386543 openjpeg: OpenJPEG OOB heap memory write

8 High

CVSS3

Related vulnerabilities

ubuntu
23 days ago

OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG 2.5.3 and earlier, a call to opj_jp2_read_header may lead to OOB heap memory write when the data stream p_stream is too short and p_image is not initialized.

nvd
23 days ago

OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG 2.5.3 and earlier, a call to opj_jp2_read_header may lead to OOB heap memory write when the data stream p_stream is too short and p_image is not initialized.

debian
23 days ago

OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG 2.5.3 and earl ...

oracle-oval
11 days ago

ELSA-2025-13944: openjpeg2 security update (IMPORTANT)

8 High

CVSS3