CVE-2018-20846 — Improper Input Validation in Openjpeg

CWE-20 — Improper Input Validation CWE-125 — Out-of-bounds Read9 documents7 sources

Severity

6.5MEDIUMNVD

EPSS

0.5%

top 36.10%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

THE Openjpeg Project Openjpeg2 Uclouvain Openjpeg

Timeline

PublishedJun 26

Latest updateMay 24

Description

Out-of-bounds accesses in the functions pi_next_lrcp, pi_next_rlcp, pi_next_rpcl, pi_next_pcrl, pi_next_rpcl, and pi_next_cprl in openmj2/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service (application crash).

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

▶Debianthe_openjpeg_project/openjpeg2< 2.3.1-1+3

▶NVDuclouvain/openjpeg2.3.0

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

GHSA

GHSA-g752-v9rv-66cg: Out-of-bounds accesses in the functions pi_next_lrcp, pi_next_rlcp, pi_next_rpcl, pi_next_pcrl, pi_next_rpcl, and pi_next_cprl in openmj2/pi↗2022-05-24

▶

OSV

CVE-2018-20846: Out-of-bounds accesses in the functions pi_next_lrcp, pi_next_rlcp, pi_next_rpcl, pi_next_pcrl, pi_next_rpcl, and pi_next_cprl in openmj2/pi↗2019-06-26

▶

CVEList

CVE-2018-20846: Out-of-bounds accesses in the functions pi_next_lrcp, pi_next_rlcp, pi_next_rpcl, pi_next_pcrl, pi_next_rpcl, and pi_next_cprl in openmj2/pi↗2019-06-26

▶

📋Vendor Advisories

Red Hat

openjpeg: out-of-bounds read in functions pi_next_lrcp, pi_next_rlcp, pi_next_rpcl, pi_next_pcrl, pi_next_rpcl, and pi_next_cprl in openmj2/pi.c leads to denial of service↗2019-06-26

▶

Debian

CVE-2018-20846: openjpeg2 - Out-of-bounds accesses in the functions pi_next_lrcp, pi_next_rlcp, pi_next_rpcl...↗2018

▶

💬Community

Bugzilla

CVE-2018-20846 openjpeg: out-of-bounds read in functions pi_next_lrcp, pi_next_rlcp, pi_next_rpcl, pi_next_pcrl, pi_next_rpcl, and pi_next_cprl in openmj2/pi.c leads to denial of service [fedora-all]↗2019-07-10

▶

Bugzilla

CVE-2018-20846 openjpeg: out-of-bounds read in functions pi_next_lrcp, pi_next_rlcp, pi_next_rpcl, pi_next_pcrl, pi_next_rpcl, and pi_next_cprl in openmj2/pi.c leads to denial of service↗2019-07-10

▶

Bugzilla

CVE-2018-20846 openjpeg2: openjpeg: out-of-bounds read in functions pi_next_lrcp, pi_next_rlcp, pi_next_rpcl, pi_next_pcrl, pi_next_rpcl, and pi_next_cprl in openmj2/pi.c leads to denial of service [e↗2019-07-10

▶