Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in openmj2/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service (application crash).
Created openjpeg tracking bugs for this issue:
Affects: fedora-all [bug 1728507]
Created openjpeg2 tracking bugs for this issue:
Affects: epel-all [bug 1728508]
The patch is already part of openjpeg-2.3.1, which is F28+ and epel7.
This issue has been addressed in the following products:
Red Hat Enterprise Linux 8
Via RHSA-2021:4251 https://access.redhat.com/errata/RHSA-2021:4251