Bug 1942097 (CVE-2021-3467)
| Summary: | CVE-2021-3467 jasper: NULL pointer dereference in jp2_decode() in jp2_dec.c | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Tomas Hoger <thoger> |
| Component: | vulnerability | Assignee: | Nobody <nobody> |
| Status: | NEW --- | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | erik-fedora, jridky, manisandro, rh-spice-bugs, rjones |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | jasper 2.0.26 | Doc Type: | If docs needed, set a value |
| Doc Text: | A NULL pointer dereference flaw was found in Jasper in the way it handled component references in the CDEF box in the JP2 image format decoder. This flaw allows a specially crafted JP2 image file to cause an application using the Jasper library to crash when opened. The highest threat from this vulnerability is system availability. | ||
| Bug Depends On: | 1942098, 1942099, 1942100, 1942101, 1942102 | ||
| Bug Blocks: | 1939236, 1942703 | ||
Description
Tomas Hoger
2021-03-23 16:18:11 UTC
Created jasper tracking bugs for this issue:
Affects: fedora-all [bug 1942098]

Created mingw-jasper tracking bugs for this issue:
Affects: fedora-all [bug 1942099]

Note that the first Jasper version that crashes with the reproducer included in the upstream bug report is 2.0.20. However, the problem exists in earlier versions as well.

More detailed analysis can be found in the upstream issue:
https://github.com/jasper-software/jasper/issues/269#issuecomment-804423097