An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function jp2_decode in libjasper/jp2/jp2_dec.c, leading to a denial of service. References: https://github.com/mdadams/jasper/issues/182
Created jasper tracking bugs for this issue: Affects: fedora-all [bug 1658792] Created mingw-jasper tracking bugs for this issue: Affects: epel-7 [bug 1658794] Affects: fedora-all [bug 1658793]
Not really a NULL ptr deref, but it can end up using garbage memory and the outcome can look like it is