A heap buffer overflow flaw was found in the way openjpeg decompressed certain input images. Due to an insufficient check in the imagetopnm() function, an application using openjpeg to process image data could crash when processing a crafted image. Upstream bug: https://github.com/uclouvain/openjpeg/issues/862 Upstream patch: https://github.com/szukw000/openjpeg/commit/7b28bd2b723df6be09fe7791eba33147c1c47d0d Note that the above patch fixes two issues: CVE-2016-9573 as well as CVE-2016-9572.
Acknowledgments: Name: Liu Bingchang (IIE)
Created mingw-openjpeg tracking bugs for this issue: Affects: fedora-all [bug 1402721] Created mingw-openjpeg2 tracking bugs for this issue: Affects: fedora-all [bug 1402720] Created openjpeg tracking bugs for this issue: Affects: fedora-all [bug 1402719] Created openjpeg2 tracking bugs for this issue: Affects: epel-6 [bug 1402722] Affects: fedora-all [bug 1402718]
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2017:0838 https://rhn.redhat.com/errata/RHSA-2017-0838.html
Created openjpeg2 tracking bugs for this issue: Affects: epel-7 [bug 1435069]