{"id":"CVE-2016-9573","details":"An out-of-bounds read vulnerability was found in OpenJPEG 2.1.2, in the j2k_to_image tool. Converting a specially crafted JPEG2000 file to another format could cause the application to crash or, potentially, disclose some data from the heap.","modified":"2026-04-01T23:58:23.441401Z","published":"2018-08-01T06:29:00.537Z","related":["MGASA-2016-0426","MGASA-2017-0122","SUSE-SU-2016:3270-1","openSUSE-SU-2017:2567-1"],"references":[{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201710-26"},{"type":"ADVISORY","url":"https://www.debian.org/security/2017/dsa-3768"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2017-0838.html"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/97073"},{"type":"FIX","url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9573"},{"type":"FIX","url":"https://github.com/szukw000/openjpeg/commit/7b28bd2b723df6be09fe7791eba33147c1c47d0d"},{"type":"EVIDENCE","url":"https://github.com/uclouvain/openjpeg/issues/862"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/szukw000/openjpeg","events":[{"introduced":"0"},{"fixed":"7b28bd2b723df6be09fe7791eba33147c1c47d0d"}]},{"type":"GIT","repo":"https://github.com/uclouvain/openjpeg","events":[{"introduced":"0"},{"last_affected":"1f1e968269bbd7eaade7955892a6d8c281b91df2"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"2.1.2"}]}}],"versions":["arelease","opj0-97","start","v2.1.1","v2.1.2","v2.2.0","v2.3.0","v2.3.1","v2.4.0","v2.5.0","v2.5.1","v2.5.2","v2.5.3","v2.5.4","version.1.0","version.1.1","version.1.2","version.1.3","version.1.4","version.1.5","version.1.5.1","version.1.5.2","version.2.0","version.2.0.1","version.2.1","wg1n6848"],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.3"}]},{"events":[{"introduced":"0"},{"last_affected":"7.4"}]},{"events":[{"introduced":"0"},{"last_affected":"7.3"}]},{"events":[{"introduced":"0"},{"last_affected":"7.4"}]},{"events":[{"introduced":"0"},{"last_affected":"7.5"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"8.0"}]}],"vanir_signatures":[{"id":"CVE-2016-9573-22dc9f72","signature_version":"v1","digest":{"length":2850,"function_hash":"193136940573119357836124800919983322157"},"target":{"function":"opj_j2k_get_tile","file":"src/lib/openjp2/j2k.c"},"signature_type":"Function","deprecated":false,"source":"https://github.com/szukw000/openjpeg/commit/7b28bd2b723df6be09fe7791eba33147c1c47d0d"},{"id":"CVE-2016-9573-238d320f","signature_version":"v1","digest":{"length":8298,"function_hash":"297676261437184694016835715520667960776"},"target":{"function":"main","file":"src/bin/jp2/opj_decompress.c"},"signature_type":"Function","deprecated":false,"source":"https://github.com/szukw000/openjpeg/commit/7b28bd2b723df6be09fe7791eba33147c1c47d0d"},{"id":"CVE-2016-9573-244fc7ff","signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["318264711267618518751963823025624787858","255363180696734635951214510385402174049","309841295499363486108133483116972563936","14561951267035938107675197466098701316","15639637573197209635959170013101441935"]},"target":{"file":"src/bin/jp2/convertbmp.c"},"signature_type":"Line","deprecated":false,"source":"https://github.com/szukw000/openjpeg/commit/7b28bd2b723df6be09fe7791eba33147c1c47d0d"},{"id":"CVE-2016-9573-31a54708","signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["228490326070881309985403427500286322939","17687366975017735657591238761002032239","239581916029237176554430048550513987813","212174472147716699098750234530926059957"]},"target":{"file":"src/bin/jp2/opj_decompress.c"},"signature_type":"Line","deprecated":false,"source":"https://github.com/szukw000/openjpeg/commit/7b28bd2b723df6be09fe7791eba33147c1c47d0d"},{"id":"CVE-2016-9573-524a6142","signature_version":"v1","digest":{"length":5536,"function_hash":"253581360288918369994768571986053002378"},"target":{"function":"imagetopnm","file":"src/bin/jp2/convert.c"},"signature_type":"Function","deprecated":false,"source":"https://github.com/szukw000/openjpeg/commit/7b28bd2b723df6be09fe7791eba33147c1c47d0d"},{"id":"CVE-2016-9573-5e356f67","signature_version":"v1","digest":{"length":1055,"function_hash":"33275239114353805521079340080330716201"},"target":{"function":"opj_j2k_decode","file":"src/lib/openjp2/j2k.c"},"signature_type":"Function","deprecated":false,"source":"https://github.com/szukw000/openjpeg/commit/7b28bd2b723df6be09fe7791eba33147c1c47d0d"},{"id":"CVE-2016-9573-619e62ee","signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["80315732206355359049050769247888656091","183763278690463407009818878414944039954","62822351838568414076055483728315566222","122396704176018901594857699730273313546","262148574508447972117312429828193579183","136706975510943855203607052440698341936","193612096258726163727787347278234715483","47142360348409988863822996383906422293","52030118202603584211358048115811922219","190010574521500998074619833611306749941","111072910875417164785446644371401396370","153462369694004413846611341277916680725","257103834486202656738728233321824753304","72036359385383864535123877284098252703","203186649364705011118148340480887803902","339167995955655546575847274629792267207","161714677321586967482788935172220399570","190119430394339295500259979754348457523","36021345366885397673199063209432470823","12763122897174111320792906513163393472","139120114906283556372762204524320099530","230096631979752056642068377261925875985","308383285384679798260528084732020131797","91461493161587018849829739536973344207","242775405494858142976238549683244043885","284902547186276625068125661054229431110","265140894365009529774366330508618613646"]},"target":{"file":"src/bin/jp2/convert.c"},"signature_type":"Line","deprecated":false,"source":"https://github.com/szukw000/openjpeg/commit/7b28bd2b723df6be09fe7791eba33147c1c47d0d"},{"id":"CVE-2016-9573-9f24bb02","signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["135871134447234627874245013138127965852","308005561986685042015028372656817408867","109625809900293282610397426434514288476","324530319344996584960719067886783000030","82526264930603096558269276368594977261","245830637960672274992287612575021189575","301571008654756861986195373651121103945","160900890564292618354247114135242261711","207179950201084715599855631176457646366","315164313095756400637091384970624751387","228743686273374863276121384749357185263","153686703996815414543249050234097436785","108237980005460661314357549048658353636","66907927412709611544060494845656412775","14182392715881408348973902011195640487"]},"target":{"file":"src/lib/openjp2/j2k.c"},"signature_type":"Line","deprecated":false,"source":"https://github.com/szukw000/openjpeg/commit/7b28bd2b723df6be09fe7791eba33147c1c47d0d"},{"id":"CVE-2016-9573-bbff2600","signature_version":"v1","digest":{"length":2903,"function_hash":"10145319696166922982477300412952557678"},"target":{"function":"imagetotga","file":"src/bin/jp2/convert.c"},"signature_type":"Function","deprecated":false,"source":"https://github.com/szukw000/openjpeg/commit/7b28bd2b723df6be09fe7791eba33147c1c47d0d"},{"id":"CVE-2016-9573-c03ddbc6","signature_version":"v1","digest":{"length":3477,"function_hash":"273635315231797665313944944891916635209"},"target":{"function":"imagetoraw_common","file":"src/bin/jp2/convert.c"},"signature_type":"Function","deprecated":false,"source":"https://github.com/szukw000/openjpeg/commit/7b28bd2b723df6be09fe7791eba33147c1c47d0d"},{"id":"CVE-2016-9573-c0ed7cde","signature_version":"v1","digest":{"length":8515,"function_hash":"275523838856146161356127068872183091878"},"target":{"function":"imagetobmp","file":"src/bin/jp2/convertbmp.c"},"signature_type":"Function","deprecated":false,"source":"https://github.com/szukw000/openjpeg/commit/7b28bd2b723df6be09fe7791eba33147c1c47d0d"},{"id":"CVE-2016-9573-d0d1abc4","signature_version":"v1","digest":{"length":10011,"function_hash":"63313544961116613434530705982078774213"},"target":{"function":"opj_j2k_read_siz","file":"src/lib/openjp2/j2k.c"},"signature_type":"Function","deprecated":false,"source":"https://github.com/szukw000/openjpeg/commit/7b28bd2b723df6be09fe7791eba33147c1c47d0d"}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-9573.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"}]}