ubuntucve / Ubuntu.com / UB:CVE-2016-9116
History: Oct 30, 2016 - 12:00 a.m.

CVE-2016-9116


CVSS3: 6.5 Medium
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: REQUIRED
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CVSS2: 4.3 Medium
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P

EPSS: 0.001 Low
Percentile: 40.8%

NULL Pointer Access in function imagetopnm of convert.c:2226(jp2) in
OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted
j2k file.

Bugs

Notes

ccdm94: Pull request 895 seems to be an initial attempt to fix this issue. However, pull request 895 was never merged, and instead, five issues which did not include issue 856 were fixed by various commits created by upstream (these can be seen in PR 895) which utilized part of what was being proposed in 895 by an openjpeg contributor. The changes proposed in 895 that were not added by the upstream commits previously mentioned were added to a new pull request, 975, which attempts to fix various issues. Looking at comments in issue 863 it was possible to verify that the fix for CVE-2016-9114 is possibly commit 2fa0fc61f2d (see CVE-2016-9114 for more details). This CVE mentions a vulnerability similar to the one we have here in CVE-2016-9116. Therefore, looking at the patch for CVE-2016-9114 and looking at the changes proposed by PR 975, it seems like the changes in this PR aim to address CVE-2016-9116 in a way similar to the one used to address CVE-2016-9114. PR 975 was merged; however, it introduced regressions. See PR in order to verify changes made after it was merged in order to fix introduced regressions if adding patch.

eslerm: Upstream made 4 commits to src/bin/jp2/convert.c in late July before asking the discoverer to retest, who said openjpeg was then patched: 2fa0fc6, 784d4d4, c22cbd8, and 00f4568. Note that 00f4568 is part of 0394f8d.

OS      Version  Architecture  Package    Version  Filename
ubuntu  16.04    noarch        openjpeg2  < any    UNKNOWN
