Artifex jbig2dec allows out-of-bounds writes and reads because of an integer overflow in the jbig2_image_compose function in jbig2_image.c during operations on a crafted .jb2 file, leading to a denial of service (application crash).
Created jbig2dec tracking bugs for this issue:
Affects: epel-all [bug 1443899]
Affects: fedora-all [bug 1443898]
Created ghostscript tracking bugs for this issue:
Affects: fedora-all [bug 1443934]
Created mupdf tracking bugs for this issue:
Affects: fedora-all [bug 1443933]
Name: Dai Ge (Chinese Academy of Sciences)
CVE-2017-7976 is a regression caused by the upstream commit cecf6b (fixing CVE-2016-9601), in which signed int were changed to unsigned int.
As such, RHEL 5,6 & 7 are not affected.