Bugzilla – Bug 1180044
VUL-1: CVE-2020-27843: openjpeg,openjpeg2,ghostscript: out-of-bounds read in opj_t2_encode_packet function in openjp2/t2.c
Last modified: 2024-07-31 07:07:05 UTC
CVE-2020-27843 A flaw was found in OpenJPEG. Specially crafted input file can lead to an out-of-bounds read in opj_t2_encode_packet function in openjp2/t2.c. References: https://github.com/uclouvain/openjpeg/issues/1297 https://bugzilla.redhat.com/show_bug.cgi?id=1907516 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27843
Reproducible in upstream openjpeg v2.1.0 and later: ./bin/opj_compress -o ./a.j2k -i ../100862641-5e018f80-34ce-11eb-832f-59154a0d8b98.png -r 19,9,0 -c \[16,32\],\[16,32\] -p CPRL -s 8,8 -TP L -d 50,50 >==2639==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x621000002500 at pc 0x7f3fc8f7f85f bp 0x7ffe4fd46100 sp 0x7ffe4fd460f8 >READ of size 4 at 0x621000002500 thread T0 SLE-15 openjpeg v1.5.2: LD_LIBRARY_PATH=bin/ bin/image_to_j2k -o ./a.j2k -i ../../../100862641-5e018f80-34ce-11eb-832f-59154a0d8b98.png -r 19,9,0 -c \[16,32\],\[16,32\] -p CPRL -s 8,8 -TP L -d 50,50 >==3622==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x621000002500 at pc 0x7ff80d316f9d bp 0x7ffec4b9f240 sp 0x7ffec4b9f238 >READ of size 4 at 0x621000002500 thread T0 SUSE:SLE-12:Update ghostscript Affected SUSE:SLE-12-SP2:Update openjpeg2 Affected SUSE:SLE-15:Update ghostscript Affected SUSE:SLE-15:Update openjpeg Affected SUSE:SLE-15:Update openjpeg2 Affected
Hi, any update on this?
We decided to WONTFIX the embedded openjpeg2 in ghostscript, since backporting the patches or compiling it with the system openjpeg2 could likely cause regressions. @Hans, we are still missing submissions for: - SUSE:SLE-15:Update/openjpeg - SUSE:SLE-12-SP2:Update/openjpeg2 - SUSE:SLE-15:Update/openjpeg2
SUSE-SU-2022:3801-1: An update that fixes 5 vulnerabilities is now available. Category: security (important) Bug References: 1149789,1179821,1180043,1180044,1180046 CVE References: CVE-2018-21010,CVE-2020-27824,CVE-2020-27842,CVE-2020-27843,CVE-2020-27845 JIRA References: Sources used: SUSE OpenStack Cloud Crowbar 9 (src): openjpeg2-2.1.0-4.18.2 SUSE OpenStack Cloud 9 (src): openjpeg2-2.1.0-4.18.2 SUSE Linux Enterprise Server for SAP 12-SP4 (src): openjpeg2-2.1.0-4.18.2 SUSE Linux Enterprise Server 12-SP5 (src): openjpeg2-2.1.0-4.18.2 SUSE Linux Enterprise Server 12-SP4-LTSS (src): openjpeg2-2.1.0-4.18.2 SUSE Linux Enterprise Server 12-SP3-BCL (src): openjpeg2-2.1.0-4.18.2 SUSE Linux Enterprise Server 12-SP2-BCL (src): openjpeg2-2.1.0-4.18.2 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2022:3802-1: An update that fixes 8 vulnerabilities is now available. Category: security (important) Bug References: 1140205,1149789,1179594,1179821,1180042,1180043,1180044,1180046 CVE References: CVE-2018-20846,CVE-2018-21010,CVE-2020-27814,CVE-2020-27824,CVE-2020-27841,CVE-2020-27842,CVE-2020-27843,CVE-2020-27845 JIRA References: Sources used: openSUSE Leap 15.4 (src): openjpeg2-2.3.0-150000.3.8.1 openSUSE Leap 15.3 (src): openjpeg2-2.3.0-150000.3.8.1 SUSE Manager Server 4.1 (src): openjpeg2-2.3.0-150000.3.8.1 SUSE Manager Retail Branch Server 4.1 (src): openjpeg2-2.3.0-150000.3.8.1 SUSE Manager Proxy 4.1 (src): openjpeg2-2.3.0-150000.3.8.1 SUSE Linux Enterprise Server for SAP 15-SP2 (src): openjpeg2-2.3.0-150000.3.8.1 SUSE Linux Enterprise Server for SAP 15-SP1 (src): openjpeg2-2.3.0-150000.3.8.1 SUSE Linux Enterprise Server for SAP 15 (src): openjpeg2-2.3.0-150000.3.8.1 SUSE Linux Enterprise Server 15-SP2-LTSS (src): openjpeg2-2.3.0-150000.3.8.1 SUSE Linux Enterprise Server 15-SP2-BCL (src): openjpeg2-2.3.0-150000.3.8.1 SUSE Linux Enterprise Server 15-SP1-LTSS (src): openjpeg2-2.3.0-150000.3.8.1 SUSE Linux Enterprise Server 15-SP1-BCL (src): openjpeg2-2.3.0-150000.3.8.1 SUSE Linux Enterprise Server 15-LTSS (src): openjpeg2-2.3.0-150000.3.8.1 SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (src): openjpeg2-2.3.0-150000.3.8.1 SUSE Linux Enterprise Module for Basesystem 15-SP4 (src): openjpeg2-2.3.0-150000.3.8.1 SUSE Linux Enterprise Module for Basesystem 15-SP3 (src): openjpeg2-2.3.0-150000.3.8.1 SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (src): openjpeg2-2.3.0-150000.3.8.1 SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (src): openjpeg2-2.3.0-150000.3.8.1 SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (src): openjpeg2-2.3.0-150000.3.8.1 SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (src): openjpeg2-2.3.0-150000.3.8.1 SUSE Linux Enterprise High Performance Computing 15-LTSS (src): openjpeg2-2.3.0-150000.3.8.1 SUSE Linux Enterprise High Performance Computing 15-ESPOS (src): openjpeg2-2.3.0-150000.3.8.1 SUSE Enterprise Storage 7 (src): openjpeg2-2.3.0-150000.3.8.1 SUSE Enterprise Storage 6 (src): openjpeg2-2.3.0-150000.3.8.1 SUSE CaaS Platform 4.0 (src): openjpeg2-2.3.0-150000.3.8.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2022:4082-1: An update that fixes 6 vulnerabilities is now available. Category: security (important) Bug References: 1140205,1149789,1179821,1180043,1180044,1180046 CVE References: CVE-2018-20846,CVE-2018-21010,CVE-2020-27824,CVE-2020-27842,CVE-2020-27843,CVE-2020-27845 JIRA References: Sources used: openSUSE Leap 15.4 (src): openjpeg-1.5.2-150000.4.10.1 openSUSE Leap 15.3 (src): openjpeg-1.5.2-150000.4.10.1 SUSE Linux Enterprise Server for SAP 15 (src): openjpeg-1.5.2-150000.4.10.1 SUSE Linux Enterprise Server 15-SP2-BCL (src): openjpeg-1.5.2-150000.4.10.1 SUSE Linux Enterprise Server 15-SP1-BCL (src): openjpeg-1.5.2-150000.4.10.1 SUSE Linux Enterprise Server 15-LTSS (src): openjpeg-1.5.2-150000.4.10.1 SUSE Linux Enterprise Module for Desktop Applications 15-SP4 (src): openjpeg-1.5.2-150000.4.10.1 SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (src): openjpeg-1.5.2-150000.4.10.1 SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (src): openjpeg-1.5.2-150000.4.10.1 SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (src): openjpeg-1.5.2-150000.4.10.1 SUSE Linux Enterprise High Performance Computing 15-LTSS (src): openjpeg-1.5.2-150000.4.10.1 SUSE Linux Enterprise High Performance Computing 15-ESPOS (src): openjpeg-1.5.2-150000.4.10.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Released.