SB2017092622 - OpenSUSE Linux update for openjpeg2
Published: September 26, 2017
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 15 secuirty vulnerabilities.
1) Use-after-free (CVE-ID: CVE-2015-8871)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error when processing unknown vectors. A remote attackers can have unspecified impact.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
2) Out-of-bounds read (CVE-ID: CVE-2016-7163)
The vulnerability allows a local non-authenticated attacker to execute arbitrary code.
Integer overflow in the opj_pi_create_decode function in pi.c in OpenJPEG allows remote attackers to execute arbitrary code via a crafted JP2 file, which triggers an out-of-bounds read or write.
3) NULL pointer dereference (CVE-ID: CVE-2016-7445)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error. A remote attacker can trigger denial of service conditions via vectors involving the variable s.
4) Buffer overflow (CVE-ID: CVE-2016-8332)
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
A buffer overflow in OpenJPEG 2.1.1 causes arbitrary code execution when parsing a crafted image. An exploitable code execution vulnerability exists in the jpeg2000 image file format parser as implemented in the OpenJpeg library. A specially crafted jpeg2000 file can cause an out of bound heap write resulting in heap corruption leading to arbitrary code execution. For a successful attack, the target user needs to open a malicious jpeg2000 file. The jpeg2000 image file format is mostly used for embedding images inside PDF documents and the OpenJpeg library is used by a number of popular PDF renderers making PDF documents a likely attack vector.
5) Division by zero (CVE-ID: CVE-2016-9112)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
Floating Point Exception (aka FPE or divide by zero) in opj_pi_next_cprl function in openjp2/pi.c:523 in OpenJPEG 2.1.2.
6) NULL pointer dereference (CVE-ID: CVE-2016-9113)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in function imagetobmp of convertbmp.c:980 of OpenJPEG 2.1.2. image->comps[0].data is not assigned a value after initialization(NULL). Impact is Denial of Service. A remote attacker can perform a denial of service (DoS) attack.
7) NULL pointer dereference (CVE-ID: CVE-2016-9114)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
There is a NULL Pointer Access in function imagetopnm of convert.c:1943(jp2) of OpenJPEG 2.1.2. image->comps[compno].data is not assigned a value after initialization(NULL). Impact is Denial of Service.
8) Buffer overflow (CVE-ID: CVE-2016-9115)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
Heap Buffer Over-read in function imagetotga of convert.c(jp2):942 in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.
9) NULL pointer dereference (CVE-ID: CVE-2016-9116)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
NULL Pointer Access in function imagetopnm of convert.c:2226(jp2) in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.
10) NULL pointer dereference (CVE-ID: CVE-2016-9117)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
NULL Pointer Access in function imagetopnm of convert.c(jp2):1289 in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.
11) Buffer overflow (CVE-ID: CVE-2016-9118)
The vulnerability allows a remote non-authenticated attacker to perform service disruption.
Heap Buffer Overflow (WRITE of size 4) in function pnmtoimage of convert.c:1719 in OpenJPEG 2.1.2.
12) NULL pointer dereference (CVE-ID: CVE-2016-9572)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in the way openjpeg 2.1.2 decoded certain input images. Due to a logic error in the code responsible for decoding the input image, an application using openjpeg to process image data could crash when processing a crafted image. A remote attacker can perform a denial of service (DoS) attack.
13) Heap-based buffer overflow (CVE-ID: CVE-2016-9573)
The vulnerability allows a remote attacker to obtain potentially sensitive information or cause the service to crash.
The vulnerability exists in the j2k_to_image component due to due to a heap-based buffer overflow when the j2k_to_image tool handles red, green, blue, and alpha (RGBA) channel dimensions. A remote attacker can execute an application that submits malicious input, trigger out-of-bounds read and gain access to potentially sensitive information or cause the service to crash.
14) Integer overflow (CVE-ID: CVE-2016-9580)
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
An integer overflow vulnerability was found in tiftoimage function in openjpeg 2.1.2, resulting in heap buffer overflow.
15) Buffer overflow (CVE-ID: CVE-2016-9581)
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
An infinite loop vulnerability in tiftoimage that results in heap buffer overflow in convert_32s_C1P1 was found in openjpeg 2.1.2.
Remediation
Install update from vendor's website.