In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function PxMDecoder::readData has a integer overflow when calculate src_pitch. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv 3.3 and earlier. Upstream bug: https://github.com/opencv/opencv/issues/9371
Created opencv tracking bugs for this issue: Affects: fedora-all [bug 1483700]