CVE-2020-15389: jp2/opj_decompress.c in OpenJPEG through 2.3.1 has a use-after-free that can be triggered if there is a mix of valid and invalid files in a directory operated…

medium6.5CVSS 3.1

AVNACHPRNUINSUCLINAH

jp2/opj_decompress.c in OpenJPEG through 2.3.1 has a use-after-free that can be triggered if there is a mix of valid and invalid files in a directory operated on by the decompressor. Triggering a double-free may also be possible. This is related to calling opj_image_destroy twice.

Affected

13 ranges

Vendor	Product	Version range	Fixed in
debian	debian_linux	—	—
debian	debian_linux	—	—
debian	openjpeg2	< openjpeg2 2.4.0-1 (bookworm)	openjpeg2 2.4.0-1 (bookworm)
oracle	outside_in_technology	—	—
oracle	outside_in_technology	—	—
the_openjpeg_project	openjpeg2	>= 0 < 2.4.0-1	2.4.0-1
the_openjpeg_project	openjpeg2	>= 0 < 2.4.0-1	2.4.0-1
the_openjpeg_project	openjpeg2	>= 0 < 2.4.0-1	2.4.0-1
the_openjpeg_project	openjpeg2	>= 0 < 2.4.0-1	2.4.0-1
the_openjpeg_project	openjpeg2	>= 0 < 2.1.2-1.1+deb9u5build0.16.04.1	2.1.2-1.1+deb9u5build0.16.04.1
the_openjpeg_project	openjpeg2	>= 0 < 2.3.0-2+deb10u2build0.18.04.1	2.3.0-2+deb10u2build0.18.04.1
the_openjpeg_project	openjpeg2	>= 0 < 2.1.2-1.1+deb9u6ubuntu0.1~esm3	2.1.2-1.1+deb9u6ubuntu0.1~esm3
uclouvain	openjpeg	<= 2.3.1	—

CVSS provenance

nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H

osv7.5HIGH