Bug 606618 (CVE-2016-9572, CVE-2016-9573) - <media-libs/openjpeg-2.2.0: Two flaws in the way openjpeg decompress certain input images (CVE-2016-{9572,9573})
Status: RESOLVED FIXED
Alias: CVE-2016-9572, CVE-2016-9573
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal minor
Assignee: Gentoo Security
URL:
Whiteboard: B3 [glsa cve]
Keywords:
Depends on: CVE-2016-1626, CVE-2016-1628, CVE-2016-9112
Blocks:
Reported: 2017-01-20 15:58 UTC by Thomas Deutschmann (RETIRED)
Modified: 2017-10-23 01:39 UTC

See Also:
Package list:
=media-libs/openjpeg-2.2.0
Runtime testing required: ---


Description Thomas Deutschmann (RETIRED) gentoo-dev 2017-01-20 15:58:35 UTC
CVE-2016-9573 openjpeg: heap out-of-bounds read due to insufficient check in imagetopnm()

A heap buffer overflow flaw was found in the way openjpeg decompressed certain input images. Due to an insufficient check in the imagetopnm() function, an application using openjpeg to process image data could crash when processing a crafted image.

Upstream bug:

https://github.com/uclouvain/openjpeg/issues/862


CVE-2016-9572 openjpeg: NULL pointer dereference in input decoding

A NULL pointer dereference flaw was found in the way openjpeg decoded certain input images. Due to a logic error in the code responsible for decoding the input image, an application using openjpeg to process image data could crash when processing a crafted image. 

Upstream bug:

https://github.com/uclouvain/openjpeg/issues/863

Upstream patch:

https://github.com/szukw000/openjpeg/commit/7b28bd2b723df6be09fe7791eba33147c1c47d0d

Note that the above patch fixes two issues: CVE-2016-9573 as well as CVE-2016-9572.
Comment 1 Agostino Sarubbo gentoo-dev 2017-01-21 16:15:57 UTC
It's great to have those bugs tracked here, but just FTR there are still dozens of unfixed security bugs that come from fuzzing.
Comment 2 Thomas Deutschmann (RETIRED) gentoo-dev 2017-08-20 18:22:32 UTC
Both issues were fixed in >=media-libs/openjpeg-2.2.0.
Comment 3 Thomas Deutschmann (RETIRED) gentoo-dev 2017-08-20 18:48:35 UTC
Stabilization will happen in bug 602180.
Comment 4 GLSAMaker/CVETool Bot gentoo-dev 2017-10-23 01:39:57 UTC
This issue was resolved and addressed in
 GLSA 201710-26 at https://security.gentoo.org/glsa/201710-26
by GLSA coordinator Aaron Bauman (b-man).