CVE-2020-6851 — Out-of-bounds Write in Openjpeg

CWE-787 — Out-of-bounds Write CWE-122 — Heap-based Buffer Overflow19 documents9 sources

Severity

7.5HIGHNVD

OSV6.5

EPSS

1.4%

top 19.29%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

THE Openjpeg Project Openjpeg2 Uclouvain Openjpeg Debian Linux +10 more

Timeline

PublishedJan 13

Latest updateMar 15

Description

OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of opj_j2k_update_image_dimensions validation.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages8 packages

▶Debianthe_openjpeg_project/openjpeg2< 2.4.0-1+3

▶Ubuntuthe_openjpeg_project/openjpeg2< 2.1.2-1.1+deb9u5build0.16.04.1+2

▶NVDuclouvain/openjpeg2.3.1

▶NVDoracle/georaster18c

▶NVDoracle/outside_in_technology8.5.4, 8.5.5+1

Also affects: Debian Linux 10.0, 8.0, 9.0, Fedora 30, 31, Enterprise Linux 8.0, 7.7, 8.1, 8.2, 8.4

Patches

Patch: www.oracle.com ↗Patch: www.oracle.com ↗

🔴Vulnerability Details

OSV

openjpeg2 vulnerabilities↗2023-03-15

▶

GHSA

GHSA-6gvh-974v-q8vj: OpenJPEG through 2↗2022-05-24

▶

OSV

OpenJPEG vulnerabilities↗2020-09-15

▶

CVEList

CVE-2020-6851: OpenJPEG through 2↗2020-01-13

▶

OSV

CVE-2020-6851: OpenJPEG through 2↗2020-01-13

▶

📋Vendor Advisories

Ubuntu

OpenJPEG vulnerabilities↗2023-03-15

▶

Ubuntu

Ghostscript vulnerabilities↗2021-01-07

▶

Ubuntu

OpenJPEG vulnerabilities↗2020-09-15

▶

Red Hat

openjpeg: heap-based buffer overflow in pj_t1_clbl_decode_processor in openjp2/t1.c↗2020-02-07

▶

Microsoft

opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 through 2020-01-28 has a heap-based buffer overflow in the qmfbid==1 case a different issue than CVE-2020-6851.↗2020-01-14

▶

💬Community

Bugzilla

CVE-2020-6851 openjpeg2: openjpeg: a heap-based buffer overflow in opj_t1_clbl_decode_processor in libopenjp2.so [openstack-rdo]↗2020-01-14

▶

Bugzilla

CVE-2020-6851 openjpeg: a heap-based buffer overflow in opj_t1_clbl_decode_processor in libopenjp2.so [fedora-all]↗2020-01-13

▶

Bugzilla

CVE-2020-6851 openjpeg: Heap-based buffer overflow in opj_t1_clbl_decode_processor()↗2020-01-13

▶

Bugzilla

CVE-2020-6851 openjpeg2: openjpeg: a heap-based buffer overflow in opj_t1_clbl_decode_processor in libopenjp2.so [epel-all]↗2020-01-13

▶

Bugzilla

CVE-2020-6851 openjpeg2: openjpeg: a heap-based buffer overflow in opj_t1_clbl_decode_processor in libopenjp2.so [fedora-all]↗2020-01-13

▶