{"id":"MGASA-2016-0362","summary":"Updated openjpeg2 packages fix security vulnerabilities","details":"A specially crafted JPEG2000 image file can force Out-Of-Bounds Read in\nopj_tcd_free_tile() (CVE-2016-3181).\n\nA specially crafted JPEG2000 image file can force Heap Corruption in\nopj_free() (CVE-2016-3182).\n\nA specially crafted JPEG2000 image file can force Out-Of-Bounds Read in\nsycc422_to_rgb() (CVE-2016-3183).\n\nOpenJPEG Heap Buffer Overflow in function color_cmyk_to_rgb() in color.c\n(CVE-2016-4796).\n\nOpenJPEG division-by-zero in function opj_tcd_init_tile() in tcd.c\n(CVE-2016-4797).\n\nHeap-based buffer overflow in the opj_dwt_interleave_v function in dwt.c\nin OpenJPEG allows remote attackers to execute arbitrary code via\ncrafted coordinate values in JPEG 2000 data (CVE-2016-5157).\n\nInteger overflow in the opj_pi_create_decode function in pi.c in\nOpenJPEG allows remote attackers to execute arbitrary code via a crafted\nJP2 file, which triggers an out-of-bounds read or write (CVE-2016-7163).\n\nconvert.c in OpenJPEG before 2.1.2 allows remote attackers to cause a\ndenial of service (NULL pointer dereference and application crash) via\nvectors involving the variable s (CVE-2016-7445).\n\nA buffer overflow in OpenJPEG 2.1.1 causes arbitrary code execution when\nparsing a crafted image. An exploitable code execution vulnerability\nexists in the jpeg2000 image file format parser as implemented in the\nOpenJpeg library. A specially crafted jpeg2000 file can cause an out of\nbound heap write resulting in heap corruption leading to arbitrary code\nexecution (CVE-2016-8332).\n","modified":"2026-04-16T06:24:54.078618143Z","published":"2016-11-03T09:02:50Z","upstream":["CVE-2016-3181","CVE-2016-3182","CVE-2016-3183","CVE-2016-4796","CVE-2016-4797","CVE-2016-5157","CVE-2016-7163","CVE-2016-7445","CVE-2016-8332"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2016-0362.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=17536"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/HPMDEUIMHTLKMHELDL4F4HZ7X4Y34JEB/"},{"type":"WEB","url":"https://github.com/uclouvain/openjpeg/blob/master/CHANGELOG.md"},{"type":"WEB","url":"https://www.debian.org/security/2016/dsa-3665"},{"type":"WEB","url":"https://lists.opensuse.org/opensuse-updates/2016-09/msg00109.html"},{"type":"WEB","url":"http://www.talosintelligence.com/reports/TALOS-2016-0193/"},{"type":"WEB","url":"http://www.openjpeg.org/2016/09/28/OpenJPEG-2.1.2-released"},{"type":"WEB","url":"https://github.com/uclouvain/openjpeg/blob/openjpeg-2.1/CHANGELOG.md"}],"affected":[{"package":{"name":"openjpeg2","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/openjpeg2?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.1.2-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2016-0362.json"}},{"package":{"name":"ghostscript","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/ghostscript?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"9.14-3.2.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2016-0362.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}