Lucene search

UbuntuUSN-5664-1

HistoryOct 07, 2022 - 12:00 a.m.

OpenJPEG vulnerabilities

2022-10-0700:00:00

ubuntu.com

ubuntu 16.04 esm

openjpeg

dos

pnm

dwt

image library

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

7.9 High

AI Score

Confidence

Low

0.013 Low

EPSS

Percentile

86.0%

JSON

Releases

Ubuntu 16.04 ESM

Packages

openjpeg - development files for OpenJPEG, a JPEG 2000 image library - dev

Details

It was discovered that OpenJPEG did not properly handle PNM
headers, resulting in a null pointer dereference. A remote
attacker could possibly use this issue to cause a denial of
service (DoS). (CVE-2016-7445)

It was discovered that OpenJPEG incorrectly handled certain
image files resulting in division by zero. A remote attacker
could possibly use this issue to cause a denial of service
(DoS). (CVE-2016-9112 and CVE-2016-10506)

It was discovered that OpenJPEG incorrectly handled converting
certain image files resulting in a stack buffer overflow. A
remote attacker could possibly use this issue to cause a
denial of service (DoS). (CVE-2017-17479)

It was discovered that OpenJPEG incorrectly handled converting
PNM image files resulting in a null pointer dereference. A
remote attacker could possibly use this issue to cause a denial
of service (DoS). (CVE-2018-18088)

It was discovered that OpenJPEG incorrectly handled converting
DWT images files resulting in a buffer overflow. A remote
attacker could possibly use this issue to cause a denial of
service (DoS). (CVE-2020-27824)

OSVersionArchitecturePackageVersionFilename
Ubuntu16.04noarchopenjpip-dec-server< 1:1.5.2-3.1ubuntu0.1~esm2UNKNOWN
Ubuntu16.04noarchlibopenjpeg-dev< 1:1.5.2-3.1UNKNOWN
Ubuntu16.04noarchlibopenjpeg-dev-dbgsym< 1:1.5.2-3.1UNKNOWN
Ubuntu16.04noarchlibopenjpeg-java< 1:1.5.2-3.1UNKNOWN
Ubuntu16.04noarchlibopenjpeg-java-dbgsym< 1:1.5.2-3.1UNKNOWN
Ubuntu16.04noarchlibopenjpeg5< 1:1.5.2-3.1UNKNOWN
Ubuntu16.04noarchlibopenjpeg5-dbg< 1:1.5.2-3.1UNKNOWN
Ubuntu16.04noarchlibopenjpeg5-dbgsym< 1:1.5.2-3.1UNKNOWN
Ubuntu16.04noarchopenjpeg-tools< 1:1.5.2-3.1UNKNOWN
Ubuntu16.04noarchopenjpeg-tools-dbgsym< 1:1.5.2-3.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Ubuntu	16.04	noarch	openjpip-dec-server	< 1:1.5.2-3.1ubuntu0.1~esm2	UNKNOWN
Ubuntu	16.04	noarch	libopenjpeg-dev	< 1:1.5.2-3.1	UNKNOWN
Ubuntu	16.04	noarch	libopenjpeg-dev-dbgsym	< 1:1.5.2-3.1	UNKNOWN
Ubuntu	16.04	noarch	libopenjpeg-java	< 1:1.5.2-3.1	UNKNOWN
Ubuntu	16.04	noarch	libopenjpeg-java-dbgsym	< 1:1.5.2-3.1	UNKNOWN
Ubuntu	16.04	noarch	libopenjpeg5	< 1:1.5.2-3.1	UNKNOWN
Ubuntu	16.04	noarch	libopenjpeg5-dbg	< 1:1.5.2-3.1	UNKNOWN
Ubuntu	16.04	noarch	libopenjpeg5-dbgsym	< 1:1.5.2-3.1	UNKNOWN
Ubuntu	16.04	noarch	openjpeg-tools	< 1:1.5.2-3.1	UNKNOWN
Ubuntu	16.04	noarch	openjpeg-tools-dbgsym	< 1:1.5.2-3.1	UNKNOWN