Описание
Security update for openjpeg2
This update for openjpeg2 fixes the following issues:
- CVE-2016-9114: NULL Pointer Access in function imagetopnm of convert.c:1943(jp2) could lead to crash [bsc#1007740]
- CVE-2016-9115: Heap Buffer Overflow in function imagetotga of convert.c(jp2) [bsc#1007741]
- CVE-2016-9580, CVE-2016-9581: Possible Heap buffer overflow via integer overflow and infite loop [bsc#1014975]
- CVE-2016-9117: NULL Pointer Access in function imagetopnm of convert.c(jp2):1289 [bsc#1007743]
- CVE-2016-9118: Heap Buffer Overflow in function pnmtoimage of convert.c [bsc#1007744]
- CVE-2016-9112: FPE(Floating Point Exception) in lib/openjp2/pi.c:523 [bsc#1007747]
- CVE-2016-9116: NULL Pointer Access in function imagetopnm of convert.c:2226(jp2) [bsc#1007742]
- CVE-2016-9113: NULL point dereference in function imagetobmp of convertbmp.c could lead to crash [bsc#1007739]
- CVE-2016-9572 CVE-2016-9573: Insuficient check in imagetopnm() could lead to heap buffer overflow [bsc#1014543]
- CVE-2016-8332: Malicious file in OpenJPEG JPEG2000 format could lead to code execution [bsc#1002414]
- CVE-2016-7445: Null pointer dereference in convert.c could lead to crash [bsc#999817]
Список пакетов
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
SUSE Linux Enterprise Server for SAP Applications 12 SP2
Ссылки
- Link for SUSE-SU-2016:3270-1
- E-Mail link for SUSE-SU-2016:3270-1
- SUSE Security Ratings
- SUSE Bug 1002414
- SUSE Bug 1007739
- SUSE Bug 1007740
- SUSE Bug 1007741
- SUSE Bug 1007742
- SUSE Bug 1007743
- SUSE Bug 1007744
- SUSE Bug 1007747
- SUSE Bug 1014543
- SUSE Bug 1014975
- SUSE Bug 999817
- SUSE CVE CVE-2016-7445 page
- SUSE CVE CVE-2016-8332 page
- SUSE CVE CVE-2016-9112 page
- SUSE CVE CVE-2016-9113 page
- SUSE CVE CVE-2016-9114 page
- SUSE CVE CVE-2016-9115 page
Описание
convert.c in OpenJPEG before 2.1.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors involving the variable s.
Затронутые продукты
Ссылки
- CVE-2016-7445
- SUSE Bug 1007739
- SUSE Bug 1007744
- SUSE Bug 1015662
- SUSE Bug 999817
Описание
A buffer overflow in OpenJPEG 2.1.1 causes arbitrary code execution when parsing a crafted image. An exploitable code execution vulnerability exists in the jpeg2000 image file format parser as implemented in the OpenJpeg library. A specially crafted jpeg2000 file can cause an out of bound heap write resulting in heap corruption leading to arbitrary code execution. For a successful attack, the target user needs to open a malicious jpeg2000 file. The jpeg2000 image file format is mostly used for embedding images inside PDF documents and the OpenJpeg library is used by a number of popular PDF renderers making PDF documents a likely attack vector.
Затронутые продукты
Ссылки
- CVE-2016-8332
- SUSE Bug 1002414
- SUSE Bug 1007739
- SUSE Bug 1007744
- SUSE Bug 1015662
Описание
Floating Point Exception (aka FPE or divide by zero) in opj_pi_next_cprl function in openjp2/pi.c:523 in OpenJPEG 2.1.2.
Затронутые продукты
Ссылки
- CVE-2016-9112
- SUSE Bug 1007739
- SUSE Bug 1007744
- SUSE Bug 1007747
- SUSE Bug 1015662
- SUSE Bug 1056396
Описание
There is a NULL pointer dereference in function imagetobmp of convertbmp.c:980 of OpenJPEG 2.1.2. image->comps[0].data is not assigned a value after initialization(NULL). Impact is Denial of Service.
Затронутые продукты
Ссылки
- CVE-2016-9113
- SUSE Bug 1007739
- SUSE Bug 1007744
- SUSE Bug 1007747
- SUSE Bug 1015662
Описание
There is a NULL Pointer Access in function imagetopnm of convert.c:1943(jp2) of OpenJPEG 2.1.2. image->comps[compno].data is not assigned a value after initialization(NULL). Impact is Denial of Service.
Затронутые продукты
Ссылки
- CVE-2016-9114
- SUSE Bug 1007739
- SUSE Bug 1007740
- SUSE Bug 1007744
- SUSE Bug 1007747
- SUSE Bug 1015662
Описание
Heap Buffer Over-read in function imagetotga of convert.c(jp2):942 in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.
Затронутые продукты
Ссылки
- CVE-2016-9115
- SUSE Bug 1007739
- SUSE Bug 1007741
- SUSE Bug 1007744
- SUSE Bug 1007747
- SUSE Bug 1015662
Описание
NULL Pointer Access in function imagetopnm of convert.c:2226(jp2) in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.
Затронутые продукты
Ссылки
- CVE-2016-9116
- SUSE Bug 1007739
- SUSE Bug 1007742
- SUSE Bug 1007744
- SUSE Bug 1007747
- SUSE Bug 1015662
Описание
NULL Pointer Access in function imagetopnm of convert.c(jp2):1289 in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.
Затронутые продукты
Ссылки
- CVE-2016-9117
- SUSE Bug 1007739
- SUSE Bug 1007743
- SUSE Bug 1007744
- SUSE Bug 1007747
- SUSE Bug 1015662
Описание
Heap Buffer Overflow (WRITE of size 4) in function pnmtoimage of convert.c:1719 in OpenJPEG 2.1.2.
Затронутые продукты
Ссылки
- CVE-2016-9118
- SUSE Bug 1007739
- SUSE Bug 1007744
- SUSE Bug 1007747
- SUSE Bug 1015662
Описание
A NULL pointer dereference flaw was found in the way openjpeg 2.1.2 decoded certain input images. Due to a logic error in the code responsible for decoding the input image, an application using openjpeg to process image data could crash when processing a crafted image.
Затронутые продукты
Ссылки
- CVE-2016-9572
- SUSE Bug 1007739
- SUSE Bug 1007744
- SUSE Bug 1014543
- SUSE Bug 1015662
Описание
An out-of-bounds read vulnerability was found in OpenJPEG 2.1.2, in the j2k_to_image tool. Converting a specially crafted JPEG2000 file to another format could cause the application to crash or, potentially, disclose some data from the heap.
Затронутые продукты
Ссылки
- CVE-2016-9573
- SUSE Bug 1007739
- SUSE Bug 1007744
- SUSE Bug 1014543
- SUSE Bug 1015662
Описание
An integer overflow vulnerability was found in tiftoimage function in openjpeg 2.1.2, resulting in heap buffer overflow.
Затронутые продукты
Ссылки
- CVE-2016-9580
- SUSE Bug 1007739
- SUSE Bug 1007744
- SUSE Bug 1014975
- SUSE Bug 1015662
Описание
An infinite loop vulnerability in tiftoimage that results in heap buffer overflow in convert_32s_C1P1 was found in openjpeg 2.1.2.
Затронутые продукты
Ссылки
- CVE-2016-9581
- SUSE Bug 1007739
- SUSE Bug 1007744
- SUSE Bug 1014975
- SUSE Bug 1015662