Bug 1179821 - (CVE-2020-27824) VUL-1: CVE-2020-27824: openjpeg,openjpeg2,ghostscript: OOB read in opj_dwt_calc_explicit_stepsizes()
(CVE-2020-27824)
VUL-1: CVE-2020-27824: openjpeg,openjpeg2,ghostscript: OOB read in opj_dwt_ca...
Status: NEW
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Minor
: ---
Assigned To: Hans Petter Jansson
Security Team bot
https://smash.suse.de/issue/272854/
CVSSv3.1:SUSE:CVE-2020-27824:6.5:(AV:...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2020-12-09 10:45 UTC by Wolfgang Frisch
Modified: 2022-04-20 23:07 UTC (History)
4 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Wolfgang Frisch 2020-12-09 10:45:54 UTC
CVE-2020-27824

In openjpeg v2.3.1 and prior, if too many decomposition levels are supplied to the encoder, it could cause a global buffer overflow to out-of-bounds read in the opj_dwt_calc_explicit_stepsizes() function.

References:
https://github.com/uclouvain/openjpeg/pull/1292/commits/6daf5f3e1ec6eff03b7982889874a3de6617db8d
https://github.com/uclouvain/openjpeg/issues/1286
https://bugzilla.redhat.com/show_bug.cgi?id=1905723
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27824
Comment 1 Wolfgang Frisch 2020-12-09 12:11:26 UTC
SUSE:SLE-11-SP1:Update  ghostscript-library  Not affected [1]
SUSE:SLE-12:Update      ghostscript          Affected
SUSE:SLE-12-SP2:Update  openjpeg2            Affected
SUSE:SLE-15:Update      ghostscript          Affected
SUSE:SLE-15:Update      openjpeg             Affected
SUSE:SLE-15:Update      openjpeg2            Affected

[1] does not embed openjpeg
Comment 2 Gabriele Sonnu 2022-01-12 09:27:17 UTC
Hi, any update on this?
Comment 4 Thomas Leroy 2022-04-14 12:55:11 UTC
@Hans, is SUSE:SLE-15:Update/openjpeg affected here?
Comment 5 Hans Petter Jansson 2022-04-20 23:07:11 UTC
(In reply to Thomas Leroy from comment #4)
> @Hans, is SUSE:SLE-15:Update/openjpeg affected here?

Yes. openjpeg2, as well.