#VU21456 Infinite loop in OpenJPEG


Published: 2019-10-01 | Updated: 2020-12-29

Vulnerability identifier: #VU21456

Vulnerability risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-12973

CWE-ID: CWE-835

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
OpenJPEG
Universal components / Libraries / Libraries used by multiple products

Vendor: openjpeg.org

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c in Open JPEG. A remote attacker can create a specially crafted .bmp file, pass it to the affected application and perform denial of service (DoS) attack.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

OpenJPEG: 2.1.1 - 2.3.1

External links
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00088.html
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00090.html
http://www.securityfocus.com/bid/108900
http://github.com/uclouvain/openjpeg/commit/8ee335227bbcaf1614124046aa25e53d67b11ec3
http://github.com/uclouvain/openjpeg/pull/1185/commits/cbe7384016083eac16078b359acd7a842253d503
http://github.com/uclouvain/openjpeg/blob/v2.4.0/CHANGELOG.md

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


openEuler update for openjpeg2
Gentoo update for OpenJPEG
Infinite loop in openjpeg (Alpine package)
OpenSUSE Linux update for ghostscript
OpenSUSE Linux update for ghostscript
Denial of service in OpenJPEG