There is a reachable assertion abort in the function jpc_dec_process_siz() in jpc/jpc_dec.c:1297 in JasPer 2.0.12 that will lead to a denial of service attack. Product bug: https://bugzilla.redhat.com/show_bug.cgi?id=1485286
Created jasper tracking bugs for this issue: Affects: fedora-all [bug 1434464] Created mingw-jasper tracking bugs for this issue: Affects: epel-7 [bug 1434465] Affects: fedora-all [bug 1434467]
This issue, along with the related CVE-2017-13750 (bug 1488963) was now reported upstream via: https://github.com/mdadams/jasper/issues/165 Note that the two assertions triggered in the jpc_dec_process_siz() function were only introduced in Jasper version 2.0.12 and hence these CVEs are not applicable to older versions.
Upstream commit: https://github.com/jasper-software/jasper/commit/1b1c591306817e46e1e6a3300f714992b32f972b Fixed upstream in jasper 2.0.17.