Buffer overflow in OpenJPEG - CVE-2016-9118

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

Heap Buffer Overflow (WRITE of size 4) in function pnmtoimage of convert.c:1719 in OpenJPEG 2.1.2.

How to mitigate CVE-2016-9118

Sources

• http://www.debian.org/security/2017/dsa-4013
• http://www.securityfocus.com/bid/93976
• https://github.com/uclouvain/openjpeg/issues/861
• https://security.gentoo.org/glsa/201710-26