CVE-2022-1122

Опубликовано: 29 мар. 2022

Источник: ubuntu

Приоритет: low

EPSS Низкий

CVSS2: 4.3

CVSS3: 5.5

Описание

A flaw was found in the opj2_decompress program in openjpeg2 2.4.0 in the way it handles an input directory with a large number of files. When it fails to allocate a buffer to store the filenames of the input directory, it calls free() on an uninitialized pointer, leading to a segmentation fault and a denial of service.

Релиз	Статус	Примечание
bionic	ignored	end of standard support, was needs-triage
devel	needs-triage
esm-apps/bionic	needs-triage
esm-apps/focal	needs-triage
esm-apps/jammy	needs-triage
esm-apps/noble	needs-triage
esm-apps/xenial	needs-triage
esm-infra-legacy/trusty	DNE
focal	ignored	end of standard support, was needs-triage
impish	ignored	end of life

Показывать по

Релиз	Статус	Примечание
bionic	not-affected	code not compiled
devel	not-affected	uses system openjpeg2
esm-infra-legacy/trusty	DNE
esm-infra/bionic	not-affected	code not compiled
esm-infra/focal	not-affected	uses system openjpeg2
esm-infra/xenial	not-affected	code not compiled
focal	not-affected	uses system openjpeg2
impish	not-affected	uses system openjpeg2
jammy	not-affected	uses system openjpeg2
kinetic	not-affected	uses system openjpeg2

Показывать по

Релиз	Статус	Примечание
bionic	ignored	end of standard support, was needs-triage
devel	DNE
esm-apps/bionic	needs-triage
esm-apps/focal	needs-triage
esm-apps/jammy	needs-triage
esm-apps/xenial	needs-triage
esm-infra-legacy/trusty	DNE
focal	ignored	end of standard support, was needs-triage
impish	ignored	end of life
jammy	needs-triage

Показывать по

Релиз	Статус	Примечание
bionic	DNE
devel	DNE
esm-apps/xenial	not-affected	code not present
esm-infra-legacy/trusty	not-affected	code not present
esm-infra/focal	DNE
focal	DNE
impish	DNE
jammy	DNE
kinetic	DNE
lunar	DNE

Показывать по

Релиз	Статус	Примечание
bionic	ignored	end of standard support, was needs-triage
devel	not-affected	2.5.0-1build1
esm-apps/bionic	released	2.3.0-2+deb10u2ubuntu0.1~esm3
esm-apps/xenial	released	2.1.2-1.1+deb9u6ubuntu0.1~esm6
esm-infra-legacy/trusty	DNE
esm-infra/focal	not-affected	2.3.1-1ubuntu4.20.04.3
focal	released	2.3.1-1ubuntu4.20.04.3
impish	ignored	end of life
jammy	released	2.4.0-6ubuntu0.2
kinetic	ignored	end of life, was needs-triage

Показывать по

Релиз	Статус	Примечание
bionic	ignored	end of standard support, was needs-triage
devel	needs-triage
esm-apps/bionic	needs-triage
esm-apps/focal	needs-triage
esm-apps/jammy	needs-triage
esm-apps/noble	needs-triage
esm-infra-legacy/trusty	DNE
focal	ignored	end of standard support, was needs-triage
impish	ignored	end of life
jammy	needs-triage

Показывать по

Релиз	Статус	Примечание
bionic	ignored	end of standard support, was needs-triage
devel	needs-triage
esm-apps/bionic	needs-triage
esm-apps/focal	needs-triage
esm-apps/jammy	needs-triage
esm-apps/noble	needs-triage
esm-apps/xenial	needs-triage
esm-infra-legacy/trusty	DNE
focal	ignored	end of standard support, was needs-triage
impish	ignored	end of life

Показывать по

Ссылки на источники

EPSS

Процентиль: 15%

0.00048

Низкий

4.3 Medium

CVSS2

5.5 Medium

CVSS3

Связанные уязвимости

CVE-2022-1122

CVSS3: 5.1

redhat

почти 4 года назад

CVE-2022-1122

CVSS3: 5.5

nvd

около 3 лет назад

CVE-2022-1122

CVSS3: 5.5

debian

около 3 лет назад

A flaw was found in the opj2_decompress program in openjpeg2 2.4.0 in ...

RLSA-2022:8207

rocky

больше 2 лет назад

Low: openjpeg2 security update

RLSA-2022:7645

rocky

больше 2 лет назад

Low: openjpeg2 security update

EPSS

Процентиль: 15%

0.00048

Низкий

4.3 Medium

CVSS2

5.5 Medium

CVSS3

CVE-2022-1122

Описание

Пакет blender

Пакет ghostscript

Пакет insighttoolkit4

Пакет openjpeg

Пакет openjpeg2

Пакет qtwebengine-opensource-src

Пакет texmaker

Ссылки на источники

Связанные уязвимости