{"id":"MGASA-2020-0337","summary":"Updated jasper packages fix security vulnerabilities","details":"The jas_matrix_bindsub function in jas_seq.c in JasPer 2.0.10 allows remote\nattackers to cause a denial of service (invalid read) via a crafted image\n(CVE-2017-6851).\n\nHeap-based buffer overflow in the jpc_dec_decodepkt function in jpc_t2dec.c in\nJasPer 2.0.10 allows remote attackers to have unspecified impact via a crafted\nimage (CVE-2017-6852).\n\nJasPer 2.0.12 allows remote attackers to cause a denial of service (heap-based\nbuffer over-read and application crash) via a crafted image, related to the\njp2_decode function in libjasper/jp2/jp2_dec.c (CVE-2017-9782).\n\nThere is a reachable assertion abort in the function jpc_dec_process_sot() in\njpc/jpc_dec.c in JasPer 2.0.12 that will lead to a remote denial of service\nattack by triggering an unexpected jpc_ppmstabtostreams return value (CVE-2017-13745).\n\nThere is a reachable assertion abort in the function jpc_dec_process_siz() in\njpc/jpc_dec.c:1297 in JasPer 2.0.12 that will lead to a remote denial of\nservice attack (CVE-2017-13746).\n\nThere are lots of memory leaks in JasPer 2.0.12, triggered in the function\njas_strdup() in base/jas_string.c, that will lead to a remote denial of\nservice attack (CVE-2017-13748).\n\nThere is a reachable assertion abort in the function jpc_pi_nextrpcl() in\njpc/jpc_t2cod.c in JasPer 2.0.12 that will lead to a remote denial of service\nattack (CVE-2017-13749).\n\nThere is a reachable assertion abort in the function jpc_dec_process_siz() in\njpc/jpc_dec.c:1296 in JasPer 2.0.12 that will lead to a remote denial of\nservice attack (CVE-2017-13750).\n\nThere is a reachable assertion abort in the function calcstepsizes() in\njpc/jpc_dec.c in JasPer 2.0.12 that will lead to a remote denial of service\nattack (CVE-2017-13751).\n\nJasPer 2.0.13 allows remote attackers to cause a denial of service (heap-based\nbuffer over-read and application crash) via a crafted image, related to the\njas_image_ishomosamp function in libjasper/base/jas_image.c (CVE-2017-14132).\n\nJasPer 2.0.14 allows denial of service via a reachable assertion in the\nfunction jpc_abstorelstepsize in libjasper/jpc/jpc_enc.c (CVE-2018-9252).\n\nAn issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference\nin the function ras_putdatastd in ras/ras_enc.c (CVE-2018-18873).\n\nAn issue has been found in JasPer 2.0.14. There is a memory leak in\njas_malloc.c when called from jpc_unk_getparms in jpc_cs.c (CVE-2018-19139).\n\nAn issue was discovered in JasPer 2.0.14. There is a heap-based buffer\nover-read of size 8 in the function jp2_decode in libjasper/jp2/jp2_dec.c\n(CVE-2018-19543).\n\njp2_encode in jp2/jp2_enc.c in JasPer 2.0.14 has a heap-based buffer over-read\n(CVE-2018-20570).\n\nJasPer 2.0.14 has a memory leak in base/jas_malloc.c in libjasper.a when\n\"--output-format jp2\" is used (CVE-2018-20622).\n","modified":"2026-04-16T04:40:43.489402582Z","published":"2020-08-18T20:43:16Z","upstream":["CVE-2017-13745","CVE-2017-13746","CVE-2017-13748","CVE-2017-13749","CVE-2017-13750","CVE-2017-13751","CVE-2017-14132","CVE-2017-6851","CVE-2017-6852","CVE-2017-9782","CVE-2018-18873","CVE-2018-19139","CVE-2018-19543","CVE-2018-20570","CVE-2018-20622","CVE-2018-9252"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2020-0337.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=27045"},{"type":"WEB","url":"https://github.com/jasper-software/jasper/blob/master/NEWS"},{"type":"WEB","url":"https://security.gentoo.org/glsa/201908-03"}],"affected":[{"package":{"name":"jasper","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/jasper?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.0.19-1.mga7"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2020-0337.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}