QID 353122

Date Published: 2022-02-01

QID 353122: Amazon Linux Security Advisory for openjpeg2 : ALAS2-2022-1741

Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in openmj2/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service (application crash). (CVE-2018-20845)

An improper computation of p_tx0, p_tx1, p_ty0 and p_ty1 in the function opj_get_encoding_parameters in openjp2/pi.c in OpenJPEG through 2.3.0 can lead to an integer overflow. (CVE-2018-20847)

In OpenJPEG 2.3.0, there is an integer overflow vulnerability in the opj_t1_encode_cblks function (openjp2/t1.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted BMP file. (CVE-2018-5727)

In OpenJPEG 2.3.0, there is an integer overflow caused by an out-of-bounds left shift in the opj_j2k_setup_encoder function (openjp2/j2k.c). (CVE-2018-5785)

In OpenJPEG 2.3.1, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c. This issue is similar to CVE-2018-6616. (CVE-2019-12973)

jp2/opj_decompress.c in OpenJPEG through 2.3.1 has a use-after-free that can be triggered if there is a mix of valid and invalid files in a directory operated on by the decompressor. Triggering a double-free may also be possible. This is related to calling opj_image_destroy twice. (CVE-2020-15389)

A heap-buffer overflow was found in the way openjpeg2 handled certain PNG format files. An attacker could use this flaw to cause an application crash or in some cases execute arbitrary code with the permission of the user running such an application. (CVE-2020-27814)

A flaw was found in OpenJPEG's encoder. This flaw allows an attacker to pass specially crafted x,y offset input to OpenJPEG to use during encoding.

Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.

  • CVSS V3 rated as Critical - 8.8 severity.
  • CVSS V2 rated as High - 6.8 severity.

Solution
Please refer to Amazon advisory: ALAS2-2022-1741 for affected packages and patching details, or update with your package manager.

Vendor References

Software Advisories
Advisory ID: ALAS2-2022-1741
Software Component: Amazon Linux 2
Link: alas.aws.amazon.com/AL2/ALAS-2022-1741.html