Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.
Bug 1374337 - openjpeg: Heap buffer overflow in opj_dwt_interleave_v in dwt.c
Summary: openjpeg: Heap buffer overflow in opj_dwt_interleave_v in dwt.c
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1374339 1374340 1374341 1374342 1374343
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-09-08 13:11 UTC by Adam Mariš
Modified: 2019-09-29 13:56 UTC (History)
10 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2016-09-20 00:11:43 UTC
Embargoed:


Attachments (Terms of Use)

Description Adam Mariš 2016-09-08 13:11:58 UTC
An out-of-bounds write was found in function opj_dwt_interleave_v of dwt.c

Upstream patch:

https://github.com/uclouvain/openjpeg/commit/e078172b1c3f98d2219c37076b238fb759c751ea

CVE request:

http://seclists.org/oss-sec/2016/q3/438

Comment 1 Adam Mariš 2016-09-08 13:16:48 UTC
Created openjpeg tracking bugs for this issue:

Affects: fedora-all [bug 1374339]

Comment 2 Adam Mariš 2016-09-08 13:16:56 UTC
Created mingw-openjpeg tracking bugs for this issue:

Affects: fedora-all [bug 1374341]

Comment 3 Adam Mariš 2016-09-08 13:17:03 UTC
Created openjpeg2 tracking bugs for this issue:

Affects: fedora-all [bug 1374340]
Affects: epel-all [bug 1374343]

Comment 4 Adam Mariš 2016-09-08 13:17:11 UTC
Created mingw-openjpeg2 tracking bugs for this issue:

Affects: fedora-all [bug 1374342]

Comment 5 Doran Moppert 2016-09-12 02:37:50 UTC
The same vulnerability was previously fixed in Chromium as CVE-2016-5157 (bug 1372218).

https://pdfium.googlesource.com/pdfium/+/b6befb2ed2485a3805cddea86dc7574510178ea9

Comment 6 Doran Moppert 2016-09-13 07:17:53 UTC
This issue does not appear to be present in openjpeg-1.x; only openjpeg2.

Upstream ticket:

https://github.com/uclouvain/openjpeg/issues/823

Comment 7 Fedora Update System 2016-09-13 22:21:01 UTC
openjpeg2-2.1.1-3.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report.

Comment 8 Fedora Update System 2016-09-15 18:40:32 UTC
openjpeg2-2.1.1-3.fc25 has been pushed to the Fedora 25 stable repository. If problems still persist, please make note of it in this bug report.

Comment 9 Fedora Update System 2016-09-18 02:19:39 UTC
mingw-openjpeg2-2.1.1-3.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report.

Comment 10 Fedora Update System 2016-09-18 05:21:22 UTC
mingw-openjpeg2-2.1.1-3.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.

Comment 11 Fedora Update System 2016-09-18 05:21:43 UTC
openjpeg2-2.1.1-3.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.

Comment 12 Fedora Update System 2016-09-18 17:44:30 UTC
mingw-openjpeg2-2.1.1-3.fc25 has been pushed to the Fedora 25 stable repository. If problems still persist, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.