Bugzilla – Bug 1180043
VUL-1: CVE-2020-27842: openjpeg,openjpeg2,ghostscript: null pointer dereference in opj_tgt_reset function in lib/openjp2/tgt.c
Last modified: 2024-07-19 12:44:55 UTC
CVE-2020-27842 A flaw was found in OpenJPEG. Specially crafted file can lead to an out-of-bounds read in opj_tgt_reset function in lib/openjp2/tgt.c. References: https://github.com/uclouvain/openjpeg/issues/1294 https://bugzilla.redhat.com/show_bug.cgi?id=1907513 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27842
Reproducible in upstream openjpeg down to at least v2.1.0. SUSE:SLE-12:Update ghostscript Affected SUSE:SLE-12-SP2:Update openjpeg2 Affected SUSE:SLE-15:Update ghostscript Affected SUSE:SLE-15:Update openjpeg Affected SUSE:SLE-15:Update openjpeg2 Affected
SUSE:SLE-15:Update openjpeg 1.5.2, compiled with -fsanitize=address: LD_LIBRARY_PATH=bin/ bin/image_to_j2k -o ./a.j2k -i ../../../100737764-8f675600-340f-11eb-977d-856912cb77b3.png -c \[32,32\],\[32,32\] -TP C -d 50,50 ================================================================= ==32395==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x621000002500 at pc 0x7eff7ecb7f9d bp 0x7ffed96af570 sp 0x7ffed96af568 READ of size 4 at 0x621000002500 thread T0 ...
Hi, any update on this?
@Hans, is SUSE:SLE-15:Update/openjpeg affected here?
(In reply to Thomas Leroy from comment #5) > @Hans, is SUSE:SLE-15:Update/openjpeg affected here? Yes, as is openjpeg2.
We decided to WONTFIX the embedded openjpeg2 in ghostscript, since backporting the patches or compiling it with the system openjpeg2 could likely cause regressions. @Hans, we are still missing submissions for: - SUSE:SLE-15:Update/openjpeg - SUSE:SLE-12-SP2:Update/openjpeg2 - SUSE:SLE-15:Update/openjpeg2
SUSE-SU-2022:3801-1: An update that fixes 5 vulnerabilities is now available. Category: security (important) Bug References: 1149789,1179821,1180043,1180044,1180046 CVE References: CVE-2018-21010,CVE-2020-27824,CVE-2020-27842,CVE-2020-27843,CVE-2020-27845 JIRA References: Sources used: SUSE OpenStack Cloud Crowbar 9 (src): openjpeg2-2.1.0-4.18.2 SUSE OpenStack Cloud 9 (src): openjpeg2-2.1.0-4.18.2 SUSE Linux Enterprise Server for SAP 12-SP4 (src): openjpeg2-2.1.0-4.18.2 SUSE Linux Enterprise Server 12-SP5 (src): openjpeg2-2.1.0-4.18.2 SUSE Linux Enterprise Server 12-SP4-LTSS (src): openjpeg2-2.1.0-4.18.2 SUSE Linux Enterprise Server 12-SP3-BCL (src): openjpeg2-2.1.0-4.18.2 SUSE Linux Enterprise Server 12-SP2-BCL (src): openjpeg2-2.1.0-4.18.2 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2022:3802-1: An update that fixes 8 vulnerabilities is now available. Category: security (important) Bug References: 1140205,1149789,1179594,1179821,1180042,1180043,1180044,1180046 CVE References: CVE-2018-20846,CVE-2018-21010,CVE-2020-27814,CVE-2020-27824,CVE-2020-27841,CVE-2020-27842,CVE-2020-27843,CVE-2020-27845 JIRA References: Sources used: openSUSE Leap 15.4 (src): openjpeg2-2.3.0-150000.3.8.1 openSUSE Leap 15.3 (src): openjpeg2-2.3.0-150000.3.8.1 SUSE Manager Server 4.1 (src): openjpeg2-2.3.0-150000.3.8.1 SUSE Manager Retail Branch Server 4.1 (src): openjpeg2-2.3.0-150000.3.8.1 SUSE Manager Proxy 4.1 (src): openjpeg2-2.3.0-150000.3.8.1 SUSE Linux Enterprise Server for SAP 15-SP2 (src): openjpeg2-2.3.0-150000.3.8.1 SUSE Linux Enterprise Server for SAP 15-SP1 (src): openjpeg2-2.3.0-150000.3.8.1 SUSE Linux Enterprise Server for SAP 15 (src): openjpeg2-2.3.0-150000.3.8.1 SUSE Linux Enterprise Server 15-SP2-LTSS (src): openjpeg2-2.3.0-150000.3.8.1 SUSE Linux Enterprise Server 15-SP2-BCL (src): openjpeg2-2.3.0-150000.3.8.1 SUSE Linux Enterprise Server 15-SP1-LTSS (src): openjpeg2-2.3.0-150000.3.8.1 SUSE Linux Enterprise Server 15-SP1-BCL (src): openjpeg2-2.3.0-150000.3.8.1 SUSE Linux Enterprise Server 15-LTSS (src): openjpeg2-2.3.0-150000.3.8.1 SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (src): openjpeg2-2.3.0-150000.3.8.1 SUSE Linux Enterprise Module for Basesystem 15-SP4 (src): openjpeg2-2.3.0-150000.3.8.1 SUSE Linux Enterprise Module for Basesystem 15-SP3 (src): openjpeg2-2.3.0-150000.3.8.1 SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (src): openjpeg2-2.3.0-150000.3.8.1 SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (src): openjpeg2-2.3.0-150000.3.8.1 SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (src): openjpeg2-2.3.0-150000.3.8.1 SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (src): openjpeg2-2.3.0-150000.3.8.1 SUSE Linux Enterprise High Performance Computing 15-LTSS (src): openjpeg2-2.3.0-150000.3.8.1 SUSE Linux Enterprise High Performance Computing 15-ESPOS (src): openjpeg2-2.3.0-150000.3.8.1 SUSE Enterprise Storage 7 (src): openjpeg2-2.3.0-150000.3.8.1 SUSE Enterprise Storage 6 (src): openjpeg2-2.3.0-150000.3.8.1 SUSE CaaS Platform 4.0 (src): openjpeg2-2.3.0-150000.3.8.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2022:4082-1: An update that fixes 6 vulnerabilities is now available. Category: security (important) Bug References: 1140205,1149789,1179821,1180043,1180044,1180046 CVE References: CVE-2018-20846,CVE-2018-21010,CVE-2020-27824,CVE-2020-27842,CVE-2020-27843,CVE-2020-27845 JIRA References: Sources used: openSUSE Leap 15.4 (src): openjpeg-1.5.2-150000.4.10.1 openSUSE Leap 15.3 (src): openjpeg-1.5.2-150000.4.10.1 SUSE Linux Enterprise Server for SAP 15 (src): openjpeg-1.5.2-150000.4.10.1 SUSE Linux Enterprise Server 15-SP2-BCL (src): openjpeg-1.5.2-150000.4.10.1 SUSE Linux Enterprise Server 15-SP1-BCL (src): openjpeg-1.5.2-150000.4.10.1 SUSE Linux Enterprise Server 15-LTSS (src): openjpeg-1.5.2-150000.4.10.1 SUSE Linux Enterprise Module for Desktop Applications 15-SP4 (src): openjpeg-1.5.2-150000.4.10.1 SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (src): openjpeg-1.5.2-150000.4.10.1 SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (src): openjpeg-1.5.2-150000.4.10.1 SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (src): openjpeg-1.5.2-150000.4.10.1 SUSE Linux Enterprise High Performance Computing 15-LTSS (src): openjpeg-1.5.2-150000.4.10.1 SUSE Linux Enterprise High Performance Computing 15-ESPOS (src): openjpeg-1.5.2-150000.4.10.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
All done, closing.