Lucene search

UbuntuUSN-5664-1

HistoryOct 07, 2022 - 12:00 a.m.

OpenJPEG vulnerabilities

2022-10-0700:00:00

ubuntu.com

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.9 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.013 Low

EPSS

Percentile

85.7%

JSON

Releases

Ubuntu 16.04 ESM

Packages

openjpeg - development files for OpenJPEG, a JPEG 2000 image library - dev

Details

It was discovered that OpenJPEG did not properly handle PNM
headers, resulting in a null pointer dereference. A remote
attacker could possibly use this issue to cause a denial of
service (DoS). (CVE-2016-7445)

It was discovered that OpenJPEG incorrectly handled certain
image files resulting in division by zero. A remote attacker
could possibly use this issue to cause a denial of service
(DoS). (CVE-2016-9112 and CVE-2016-10506)

It was discovered that OpenJPEG incorrectly handled converting
certain image files resulting in a stack buffer overflow. A
remote attacker could possibly use this issue to cause a
denial of service (DoS). (CVE-2017-17479)

It was discovered that OpenJPEG incorrectly handled converting
PNM image files resulting in a null pointer dereference. A
remote attacker could possibly use this issue to cause a denial
of service (DoS). (CVE-2018-18088)

It was discovered that OpenJPEG incorrectly handled converting
DWT images files resulting in a buffer overflow. A remote
attacker could possibly use this issue to cause a denial of
service (DoS). (CVE-2020-27824)

OSVersionArchitecturePackageVersionFilename
Ubuntu16.04noarchopenjpip-dec-server< 1:1.5.2-3.1ubuntu0.1~esm2UNKNOWN
Ubuntu16.04noarchlibopenjpeg-dev< 1:1.5.2-3.1UNKNOWN
Ubuntu16.04noarchlibopenjpeg-dev-dbgsym< 1:1.5.2-3.1UNKNOWN
Ubuntu16.04noarchlibopenjpeg-java< 1:1.5.2-3.1UNKNOWN
Ubuntu16.04noarchlibopenjpeg-java-dbgsym< 1:1.5.2-3.1UNKNOWN
Ubuntu16.04noarchlibopenjpeg5< 1:1.5.2-3.1UNKNOWN
Ubuntu16.04noarchlibopenjpeg5-dbg< 1:1.5.2-3.1UNKNOWN
Ubuntu16.04noarchlibopenjpeg5-dbgsym< 1:1.5.2-3.1UNKNOWN
Ubuntu16.04noarchopenjpeg-tools< 1:1.5.2-3.1UNKNOWN
Ubuntu16.04noarchopenjpeg-tools-dbgsym< 1:1.5.2-3.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Ubuntu	16.04	noarch	openjpip-dec-server	< 1:1.5.2-3.1ubuntu0.1~esm2	UNKNOWN
Ubuntu	16.04	noarch	libopenjpeg-dev	< 1:1.5.2-3.1	UNKNOWN
Ubuntu	16.04	noarch	libopenjpeg-dev-dbgsym	< 1:1.5.2-3.1	UNKNOWN
Ubuntu	16.04	noarch	libopenjpeg-java	< 1:1.5.2-3.1	UNKNOWN
Ubuntu	16.04	noarch	libopenjpeg-java-dbgsym	< 1:1.5.2-3.1	UNKNOWN
Ubuntu	16.04	noarch	libopenjpeg5	< 1:1.5.2-3.1	UNKNOWN
Ubuntu	16.04	noarch	libopenjpeg5-dbg	< 1:1.5.2-3.1	UNKNOWN
Ubuntu	16.04	noarch	libopenjpeg5-dbgsym	< 1:1.5.2-3.1	UNKNOWN
Ubuntu	16.04	noarch	openjpeg-tools	< 1:1.5.2-3.1	UNKNOWN
Ubuntu	16.04	noarch	openjpeg-tools-dbgsym	< 1:1.5.2-3.1	UNKNOWN