Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 571256 (CVE-2015-8751)

Summary: <media-libs/jasper-1.900.6: Integer overflow in jas_matrix_create()
Product: Gentoo Security Reporter: Agostino Sarubbo <ago>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Severity: normal CC: sci
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: B2 [glsa cve]
Package list:
Runtime testing required: ---

Description Agostino Sarubbo gentoo-dev 2016-01-08 08:17:27 UTC
From ${URL} :

We find a vulnerability in the way JasPer's jas_matrix_create() function parsed certain JPEG 2000 
image files. 

jas_matrix_t *jas_matrix_create(int numrows, int numcols)

	if (matrix->maxrows_ > 0) {
		if (!(matrix->rows_ = jas_malloc(matrix->maxrows_ *
		  sizeof(jas_seqent_t *)))) {


matrix->maxrows_ > 0 ,but matrix->maxrows_ *sizeof(jas_seqent_t *) can cause Integer overflow.

Reported by Qihoo 360 Codesafe Team


@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Comment 1 Agostino Sarubbo gentoo-dev 2016-10-19 09:40:10 UTC
This is fixed in the latest jasper-1.900.6

We will stabilize it.
Comment 2 Yury German Gentoo Infrastructure gentoo-dev 2017-04-30 19:54:29 UTC
New GLSA Request filed.

Arches and Maintainer(s), Thank you for your work.
Comment 3 GLSAMaker/CVETool Bot gentoo-dev 2017-07-08 12:39:39 UTC
This issue was resolved and addressed in
 GLSA 201707-07 at
by GLSA coordinator Thomas Deutschmann (whissi).