Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_SU-2022-1296-1.NASL
HistoryApr 22, 2022 - 12:00 a.m.

SUSE SLED15 / SLES15 Security Update : openjpeg (SUSE-SU-2022:1296-1)

2022-04-2200:00:00
This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
24
JSON

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1296-1 advisory.

  • Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in lib/openjp3d/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service (application crash). (CVE-2018-14423)

  • An issue was discovered in OpenJPEG 2.3.0. A heap-based buffer overflow was discovered in the function t2_encode_packet in lib/openmj2/t2.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly unspecified other impact. (CVE-2018-16376)

  • jp2/opj_decompress.c in OpenJPEG through 2.3.1 has a use-after-free that can be triggered if there is a mix of valid and invalid files in a directory operated on by the decompressor. Triggering a double-free may also be possible. This is related to calling opj_image_destroy twice. (CVE-2020-15389)

  • A flaw was found in OpenJPEG’s encoder. This flaw allows an attacker to pass specially crafted x,y offset input to OpenJPEG to use during encoding. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2020-27823)

  • opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 through 2020-01-28 has a heap-based buffer overflow in the qmfbid==1 case, a different issue than CVE-2020-6851. (CVE-2020-8112)

  • Integer Overflow in OpenJPEG v2.4.0 allows remote attackers to crash the application, causing a Denial of Service (DoS). This occurs when the attacker uses the command line option -ImgDir on a directory that contains 1048576 files. (CVE-2021-29338)

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 70300
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# SUSE update advisory SUSE-SU-2022:1296-1. The text itself
# is copyright (C) SUSE.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(160073);
  script_version("1.7");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/07/13");

  script_cve_id(
    "CVE-2018-14423",
    "CVE-2018-16376",
    "CVE-2020-8112",
    "CVE-2020-15389",
    "CVE-2020-27823",
    "CVE-2021-29338"
  );
  script_xref(name:"SuSE", value:"SUSE-SU-2022:1296-1");

  script_name(english:"SUSE SLED15 / SLES15 Security Update : openjpeg (SUSE-SU-2022:1296-1)");

  script_set_attribute(attribute:"synopsis", value:
"The remote SUSE host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by
multiple vulnerabilities as referenced in the SUSE-SU-2022:1296-1 advisory.

  - Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in
    lib/openjp3d/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service
    (application crash). (CVE-2018-14423)

  - An issue was discovered in OpenJPEG 2.3.0. A heap-based buffer overflow was discovered in the function
    t2_encode_packet in lib/openmj2/t2.c. The vulnerability causes an out-of-bounds write, which may lead to
    remote denial of service or possibly unspecified other impact. (CVE-2018-16376)

  - jp2/opj_decompress.c in OpenJPEG through 2.3.1 has a use-after-free that can be triggered if there is a
    mix of valid and invalid files in a directory operated on by the decompressor. Triggering a double-free
    may also be possible. This is related to calling opj_image_destroy twice. (CVE-2020-15389)

  - A flaw was found in OpenJPEG's encoder. This flaw allows an attacker to pass specially crafted x,y offset
    input to OpenJPEG to use during encoding. The highest threat from this vulnerability is to
    confidentiality, integrity, as well as system availability. (CVE-2020-27823)

  - opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 through 2020-01-28 has a heap-based buffer
    overflow in the qmfbid==1 case, a different issue than CVE-2020-6851. (CVE-2020-8112)

  - Integer Overflow in OpenJPEG v2.4.0 allows remote attackers to crash the application, causing a Denial of
    Service (DoS). This occurs when the attacker uses the command line option -ImgDir on a directory that
    contains 1048576 files. (CVE-2021-29338)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1102016");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1106881");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1162090");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1173578");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1180457");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1184774");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-14423");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-16376");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-15389");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-27823");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-8112");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-29338");
  # https://lists.suse.com/pipermail/sle-security-updates/2022-April/010791.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?362923ae");
  script_set_attribute(attribute:"solution", value:
"Update the affected libopenjpeg1 and / or openjpeg-devel packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-8112");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2018/07/19");
  script_set_attribute(attribute:"patch_publication_date", value:"2022/04/21");
  script_set_attribute(attribute:"plugin_publication_date", value:"2022/04/22");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libopenjpeg1");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:openjpeg-devel");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:15");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"SuSE Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include('rpm.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item("Host/SuSE/release");
if (isnull(os_release) || os_release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
var os_ver = pregmatch(pattern: "^(SLE(S|D)(?:_SAP)?\d+)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');
os_ver = os_ver[1];
if (! preg(pattern:"^(SLED15|SLED_SAP15|SLES15|SLES_SAP15)$", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15', 'SUSE (' + os_ver + ')');

if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);

var service_pack = get_kb_item("Host/SuSE/patchlevel");
if (isnull(service_pack)) service_pack = "0";
if (os_ver == "SLED15" && (! preg(pattern:"^(3|4)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLED15 SP3/4", os_ver + " SP" + service_pack);
if (os_ver == "SLED_SAP15" && (! preg(pattern:"^(3|4)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLED_SAP15 SP3/4", os_ver + " SP" + service_pack);
if (os_ver == "SLES15" && (! preg(pattern:"^(0|1|2|3|4)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLES15 SP0/1/2/3/4", os_ver + " SP" + service_pack);
if (os_ver == "SLES_SAP15" && (! preg(pattern:"^(0|1|2|3|4)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLES_SAP15 SP0/1/2/3/4", os_ver + " SP" + service_pack);

var pkgs = [
    {'reference':'libopenjpeg1-1.5.2-150000.4.5.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15']},
    {'reference':'openjpeg-devel-1.5.2-150000.4.5.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15']},
    {'reference':'libopenjpeg1-1.5.2-150000.4.5.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1']},
    {'reference':'openjpeg-devel-1.5.2-150000.4.5.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1']},
    {'reference':'libopenjpeg1-1.5.2-150000.4.5.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.2']},
    {'reference':'openjpeg-devel-1.5.2-150000.4.5.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.2']},
    {'reference':'libopenjpeg1-1.5.2-150000.4.5.1', 'sp':'3', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},
    {'reference':'libopenjpeg1-1.5.2-150000.4.5.1', 'sp':'3', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},
    {'reference':'openjpeg-devel-1.5.2-150000.4.5.1', 'sp':'3', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},
    {'reference':'openjpeg-devel-1.5.2-150000.4.5.1', 'sp':'3', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},
    {'reference':'libopenjpeg1-1.5.2-150000.4.5.1', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
    {'reference':'libopenjpeg1-1.5.2-150000.4.5.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
    {'reference':'openjpeg-devel-1.5.2-150000.4.5.1', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
    {'reference':'openjpeg-devel-1.5.2-150000.4.5.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
    {'reference':'libopenjpeg1-1.5.2-150000.4.5.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},
    {'reference':'libopenjpeg1-1.5.2-150000.4.5.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},
    {'reference':'openjpeg-devel-1.5.2-150000.4.5.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},
    {'reference':'openjpeg-devel-1.5.2-150000.4.5.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},
    {'reference':'libopenjpeg1-1.5.2-150000.4.5.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},
    {'reference':'libopenjpeg1-1.5.2-150000.4.5.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},
    {'reference':'libopenjpeg1-1.5.2-150000.4.5.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},
    {'reference':'libopenjpeg1-1.5.2-150000.4.5.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},
    {'reference':'openjpeg-devel-1.5.2-150000.4.5.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},
    {'reference':'openjpeg-devel-1.5.2-150000.4.5.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},
    {'reference':'openjpeg-devel-1.5.2-150000.4.5.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},
    {'reference':'openjpeg-devel-1.5.2-150000.4.5.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},
    {'reference':'libopenjpeg1-1.5.2-150000.4.5.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2']},
    {'reference':'libopenjpeg1-1.5.2-150000.4.5.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2', 'SLE_RT-release-15.2', 'sles-release-15.2']},
    {'reference':'openjpeg-devel-1.5.2-150000.4.5.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2']},
    {'reference':'openjpeg-devel-1.5.2-150000.4.5.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2', 'SLE_RT-release-15.2', 'sles-release-15.2']},
    {'reference':'libopenjpeg1-1.5.2-150000.4.5.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},
    {'reference':'libopenjpeg1-1.5.2-150000.4.5.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},
    {'reference':'openjpeg-devel-1.5.2-150000.4.5.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},
    {'reference':'openjpeg-devel-1.5.2-150000.4.5.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},
    {'reference':'libopenjpeg1-1.5.2-150000.4.5.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},
    {'reference':'libopenjpeg1-1.5.2-150000.4.5.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},
    {'reference':'openjpeg-devel-1.5.2-150000.4.5.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},
    {'reference':'openjpeg-devel-1.5.2-150000.4.5.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},
    {'reference':'libopenjpeg1-1.5.2-150000.4.5.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-desktop-applications-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},
    {'reference':'libopenjpeg1-1.5.2-150000.4.5.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-desktop-applications-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},
    {'reference':'openjpeg-devel-1.5.2-150000.4.5.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-desktop-applications-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},
    {'reference':'openjpeg-devel-1.5.2-150000.4.5.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-desktop-applications-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},
    {'reference':'libopenjpeg1-1.5.2-150000.4.5.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-desktop-applications-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},
    {'reference':'libopenjpeg1-1.5.2-150000.4.5.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-desktop-applications-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},
    {'reference':'openjpeg-devel-1.5.2-150000.4.5.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-desktop-applications-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},
    {'reference':'openjpeg-devel-1.5.2-150000.4.5.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-desktop-applications-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},
    {'reference':'libopenjpeg1-1.5.2-150000.4.5.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15']},
    {'reference':'openjpeg-devel-1.5.2-150000.4.5.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15']},
    {'reference':'libopenjpeg1-1.5.2-150000.4.5.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']},
    {'reference':'openjpeg-devel-1.5.2-150000.4.5.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']},
    {'reference':'libopenjpeg1-1.5.2-150000.4.5.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']},
    {'reference':'openjpeg-devel-1.5.2-150000.4.5.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']}
];

var ltss_caveat_required = FALSE;
var flag = 0;
foreach var package_array ( pkgs ) {
  var reference = NULL;
  var _release = NULL;
  var sp = NULL;
  var _cpu = NULL;
  var exists_check = NULL;
  var rpm_spec_vers_cmp = NULL;
  if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
  if (!empty_or_null(package_array['release'])) _release = package_array['release'];
  if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
  if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
  if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
  if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
  if (reference && _release) {
    if (exists_check) {
      var check_flag = 0;
      foreach var check (exists_check) {
        if (!rpm_exists(release:_release, rpm:check)) continue;
        if ('ltss' >< tolower(check)) ltss_caveat_required = TRUE;
        check_flag++;
      }
      if (!check_flag) continue;
    }
    if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;
  }
}

if (flag)
{
  var ltss_plugin_caveat = NULL;
  if(ltss_caveat_required) ltss_plugin_caveat = '\n' +
    'NOTE: This vulnerability check contains fixes that apply to\n' +
    'packages only available in SUSE Enterprise Linux Server LTSS\n' +
    'repositories. Access to these package security updates require\n' +
    'a paid SUSE LTSS subscription.\n';
  security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : rpm_report_get() + ltss_plugin_caveat
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libopenjpeg1 / openjpeg-devel');
}
VendorProductVersionCPE
novellsuse_linuxlibopenjpeg1p-cpe:/a:novell:suse_linux:libopenjpeg1
novellsuse_linuxopenjpeg-develp-cpe:/a:novell:suse_linux:openjpeg-devel
novellsuse_linux15cpe:/o:novell:suse_linux:15

Related

suse 2
nessus 66
osv 17
debiancve 7
prion 7
openvas 18
ubuntucve 8
debian 5
cve 7
mageia 6
alpinelinux 6
ubuntu 3
cloudfoundry 1
redhatcve 7
veracode 5
oraclelinux 5
fedora 14
redhat 7
centos 2
altlinux 1
archlinux 1
gentoo 1
almalinux 1
rocky 1
amazon 1
suse
suse
Security update for openjpeg (important)
2022-04-21 00:00:00
Security update for openjpeg2 (important)
2022-04-19 00:00:00
nessus
nessus
SUSE SLED15 / SLES15 Security Update : openjpeg2 (SUSE-SU-2022:1252-1)
2022-04-20 00:00:00
SUSE SLES12 Security Update : openjpeg2 (SUSE-SU-2022:1129-1)
2022-04-08 00:00:00
EulerOS Virtualization for ARM 64 3.0.6.0 : openjpeg2 (EulerOS-SA-2020-1365)
2020-04-02 00:00:00
osv
osv
openjpeg2 - security update
2020-07-11 00:00:00
CVE-2020-8112
2020-01-28 18:15:11
openjpeg2 - security update
2021-04-01 00:00:00
debiancve
debiancve
CVE-2020-8112
2020-01-28 18:15:00
CVE-2018-16376
2018-09-03 00:29:00
CVE-2018-14423
2018-07-19 19:29:00
prion
prion
Heap overflow
2020-01-28 18:15:00
Heap overflow
2018-09-03 00:29:00
Design/Logic Flaw
2018-07-19 19:29:00
openvas
openvas
Huawei EulerOS: Security Advisory for openjpeg2 (EulerOS-SA-2020-1168)
2020-02-25 00:00:00
Huawei EulerOS: Security Advisory for openjpeg2 (EulerOS-SA-2020-1365)
2020-04-01 00:00:00
Debian LTS: Security Advisory for openjpeg2 (DLA-2277-1)
2020-07-17 00:00:00
ubuntucve
ubuntucve
CVE-2020-8112
2020-01-28 00:00:00
CVE-2018-16376
2018-09-03 00:00:00
CVE-2018-14423
2018-07-19 00:00:00
debian
debian
[SECURITY] [DLA 2277-1] openjpeg2 security update
2020-07-10 20:01:49
[SECURITY] [DLA 2089-1] openjpeg2 security update
2020-01-30 22:09:57
[SECURITY] [DSA 4882-1] openjpeg2 security update
2021-04-01 19:50:00
cve
cve
CVE-2020-8112
2020-01-28 18:15:00
CVE-2018-16376
2018-09-03 00:29:00
CVE-2018-14423
2018-07-19 19:29:00
mageia
mageia
Updated openjpeg2 packages fix security vulnerability
2020-02-04 14:07:12
Updated openjpeg2 packages fix security vulnerability
2019-03-29 18:51:06
Updated openjpeg2 packages fix a security vulnerability
2021-05-22 01:47:24
alpinelinux
alpinelinux
CVE-2020-8112
2020-01-28 18:15:00
CVE-2018-14423
2018-07-19 19:29:00
CVE-2020-27823
2021-05-13 15:15:00
ubuntu
ubuntu
OpenJPEG vulnerabilities
2023-03-15 00:00:00
OpenJPEG vulnerabilities
2020-09-15 00:00:00
OpenJPEG vulnerabilities
2021-01-07 00:00:00
cloudfoundry
cloudfoundry
USN-5952-1: OpenJPEG vulnerabilities | Cloud Foundry
2023-04-29 00:00:00
redhatcve
redhatcve
CVE-2018-16376
2019-10-13 07:39:16
CVE-2018-14423
2019-05-14 12:24:33
CVE-2020-27823
2020-12-09 02:34:29
veracode
veracode
Arbitrary Code Execution
2020-12-23 16:51:38
Denial Of Service (DoS)
2021-04-28 05:32:39
Denial Of Service (DoS)
2021-01-07 19:18:35
oraclelinux
oraclelinux
openjpeg2 security update
2020-01-29 00:00:00
openjpeg2 security update
2020-02-25 00:00:00
openjpeg2 security update
2020-02-20 00:00:00
fedora
fedora
[SECURITY] Fedora 30 Update: openjpeg2-2.3.1-4.fc30
2020-02-02 01:53:47
[SECURITY] Fedora 31 Update: mingw-openjpeg2-2.3.1-7.fc31
2020-02-22 01:34:48
[SECURITY] Fedora 30 Update: mingw-openjpeg2-2.3.1-7.fc30
2020-02-29 03:04:03
redhat
redhat
(RHSA-2020:0274) Important: openjpeg2 security update
2020-01-29 09:14:13
(RHSA-2020:0262) Important: openjpeg2 security update
2020-01-28 13:38:44
(RHSA-2020:0296) Important: openjpeg2 security update
2020-01-30 09:40:50
centos
centos
openjpeg2 security update
2020-01-28 21:28:01
openjpeg2 security update
2020-02-20 16:14:42
altlinux
altlinux
Security fix for the ALT Linux 10 package libopenjpeg2.0 version 2.5.0-alt1
2022-05-18 00:00:00
archlinux
archlinux
[ASA-202012-21] openjpeg2: multiple issues
2020-12-09 00:00:00
gentoo
gentoo
OpenJPEG: Multiple Vulnerabilities
2022-09-07 00:00:00
almalinux
almalinux
Moderate: openjpeg2 security update
2021-11-09 08:51:11
rocky
rocky
openjpeg2 security update
2021-11-09 08:51:11
amazon
amazon
Medium: openjpeg2
2022-01-18 21:37:00
JSON
Related for SUSE_SU-2022-1296-1.NASL
suse2nessus66osv17debiancve7prion7openvas18ubuntucve8debian5cve7mageia6alpinelinux6ubuntu3cloudfoundry1redhatcve7veracode5oraclelinux5fedora14redhat7centos2altlinux1archlinux1gentoo1almalinux1rocky1amazon1