PRIOn knowledge basePRION:CVE-2017-14040

HistoryAug 30, 2017 - 10:29 p.m.

Code injection

2017-08-3022:29:00

PRIOn knowledge base

www.prio-n.com

8.8 High

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.8%

JSON

An invalid write access was discovered in bin/jp2/convert.c in OpenJPEG 2.2.0, triggering a crash in the tgatoimage function. The vulnerability may lead to remote denial of service or possibly unspecified other impact.

CPENameOperatorVersion
debian_linuxeq8.0
debian_linuxeq9.0
openjpegeq2.2.0

Name	Operator	Version
debian_linux	eq	8.0
debian_linux	eq	9.0
openjpeg	eq	2.2.0

References

www.debian.org/security/2017/dsa-4013

www.securityfocus.com/bid/100553

blogs.gentoo.org/ago/2017/08/28/openjpeg-invalid-memory-write-in-tgatoimage-convert-c/

github.com/uclouvain/openjpeg/commit/2cd30c2b06ce332dede81cccad8b334cde997281

github.com/uclouvain/openjpeg/issues/995