The jas_matrix_bindsub function in jas_seq.c in JasPer allows attackers to cause a denial of service (invalid read) via a crafted image. References: https://blogs.gentoo.org/ago/2017/01/25/jasper-invalid-memory-read-in-jas_matrix_bindsub-jas_seq-c/ http://www.openwall.com/lists/oss-security/2017/01/25/9 Upstream bug: https://github.com/mdadams/jasper/issues/113
*** This bug has been marked as a duplicate of bug 614028 ***