First Last Prev Next    This bug is not in your last search results.
Bug 1056621 - (CVE-2017-14040) VUL-0: CVE-2017-14040: openjpeg2: An invalid write access was discovered in bin/jp2/convert.c in OpenJPEG2.2.0, triggering a crash in the tgatoimage function. The vulnerabilitymay lead to remote denial of service or possibly unspecified o
(CVE-2017-14040)
VUL-0: CVE-2017-14040: openjpeg2: An invalid write access was discovered in b...
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other openSUSE 42.2
: P3 - Medium : Normal
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/191292/
CVSSv2:SUSE:CVE-2017-14040:4.3:(AV:N/...
:
Depends on:
Blocks: 1057435
  Show dependency treegraph
 
Reported: 2017-08-31 12:21 UTC by Marcus Meissner
Modified: 2017-10-11 06:42 UTC (History)
3 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
00326-openjpeg-invalidwrite-tgatoimage.tga (100 bytes, application/octet-stream)
2017-08-31 12:23 UTC, Marcus Meissner 		Details
openjpeg2-CVE-2017-14040.patch (2.43 KB, patch)
2017-09-12 20:33 UTC, Hans Petter Jansson 		Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Marcus Meissner 2017-08-31 12:21:32 UTC 
CVE-2017-14040

An invalid write access was discovered in bin/jp2/convert.c in OpenJPEG
2.2.0, triggering a crash in the tgatoimage function. The vulnerability
may lead to remote denial of service or possibly unspecified other
impact.

https://blogs.gentoo.org/ago/2017/08/28/openjpeg-invalid-memory-write-in-tgatoimage-convert-c/
https://github.com/uclouvain/openjpeg/commit/2cd30c2b06ce332dede81cccad8b334cde997281
https://github.com/uclouvain/openjpeg/issues/995
Comment 1 Marcus Meissner 2017-08-31 12:23:26 UTC 
Created attachment 739006 [details]
00326-openjpeg-invalidwrite-tgatoimage.tga

QA REPRODUCER:

opj_compress -r 20,10,1 -jpip -EPH -SOP -cinema2K 24 -n 1 -i 00326-openjpeg-invalidwrite-tgatoimage.tga -o null.j2k

should not crash
Comment 2 Marcus Meissner 2017-08-31 12:24:31 UTC 
I could not get it to crash on leap or factory. assuming not affected.
Comment 3 Hans Petter Jansson 2017-09-12 19:41:36 UTC 
Based on upstream fix and code inspection, SLE, Leap and TW are all affected.
Comment 4 Hans Petter Jansson 2017-09-12 20:33:29 UTC 
Created attachment 740414 [details]
openjpeg2-CVE-2017-14040.patch
Comment 5 Bernhard Wiedemann 2017-09-12 22:01:22 UTC 
This is an autogenerated message for OBS integration:
This bug (1056621) was mentioned in
https://build.opensuse.org/request/show/523821 42.3 / openjpeg2
https://build.opensuse.org/request/show/523822 42.2 / openjpeg2
Comment 7 Swamp Workflow Management 2017-10-05 10:09:38 UTC 
SUSE-SU-2017:2649-1: An update that fixes 5 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1056421,1056562,1056621,1056622,1057511
CVE References: CVE-2016-10507,CVE-2017-14039,CVE-2017-14040,CVE-2017-14041,CVE-2017-14164
Sources used:
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (src):    openjpeg2-2.1.0-4.6.1
SUSE Linux Enterprise Server 12-SP3 (src):    openjpeg2-2.1.0-4.6.1
SUSE Linux Enterprise Server 12-SP2 (src):    openjpeg2-2.1.0-4.6.1
SUSE Linux Enterprise Desktop 12-SP3 (src):    openjpeg2-2.1.0-4.6.1
SUSE Linux Enterprise Desktop 12-SP2 (src):    openjpeg2-2.1.0-4.6.1
Comment 8 Andreas Stieger 2017-10-10 07:18:29 UTC 
releasing for Leap, done
Comment 9 Swamp Workflow Management 2017-10-10 13:07:48 UTC 
openSUSE-SU-2017:2685-1: An update that fixes 5 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1056421,1056562,1056621,1056622,1057511
CVE References: CVE-2016-10507,CVE-2017-14039,CVE-2017-14040,CVE-2017-14041,CVE-2017-14164
Sources used:
SUSE Package Hub for SUSE Linux Enterprise 12 (src):    openjpeg2-2.1.0-8.1, openjpeg2-2.1.0-9.1
Comment 10 Swamp Workflow Management 2017-10-10 13:08:41 UTC 
openSUSE-SU-2017:2686-1: An update that fixes 5 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1056421,1056562,1056621,1056622,1057511
CVE References: CVE-2016-10507,CVE-2017-14039,CVE-2017-14040,CVE-2017-14041,CVE-2017-14164
Sources used:
openSUSE Leap 42.3 (src):    openjpeg2-2.1.0-19.1
openSUSE Leap 42.2 (src):    openjpeg2-2.1.0-13.6.1
First Last Prev Next    This bug is not in your last search results.