Mageia 6 Severe: OpenJPEG Denial Of Service Due To Code Injection

mageia

March 29, 2019

Updated openjpeg2 packages fix security vulnerability: Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in lib/openjp3d/pi.c in OpenJ...

Summary

Updated openjpeg2 packages fix security vulnerability:
Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in lib/openjp3d/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service (CVE-2018-14423).

References

- https://bugs.mageia.org/show_bug.cgi?id=24511

- https://lists.debian.org/debian-security-announce/2019/msg00049.html

- https://www.cve.org/CVERecord?id=CVE-2018-14423

Topics Covered

security advisory denial of service package update severe openjpeg mageia

Resolution

SRPMS

- 6/core/openjpeg2-2.2.0-1.4.mga6

Severity

critical

Lowest

Low

Medium

High

Critical

Publication date: 29 Mar 2019

URL: https://advisories.mageia.org/MGASA-2019-0119.html

Type: security

CVE: CVE-2018-14423

Topics Covered

security advisory denial of service package update severe openjpeg mageia

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks