Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Red Hat Enterprise Linux 8: RHSA-2021-4251 Security Update for OpenJPEG2

red hat
Calendar Grey November 9, 2021
Dist Redhat Esm H88
The OpenJPEG2 security patch for Red Hat Enterprise Linux 8 resolves several vulnerabilities classified as moderate, with updates now accessible.
An update for openjpeg2 is now available for Red Hat Enterprise Linux 8

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Summary

OpenJPEG is an open source library for reading and writing image files in JPEG2000 format.
The following packages have been upgraded to a later upstream version: openjpeg2 (2.4.0).
Security Fix(es):
* openjpeg: use-after-free and double-free via a mix of valid and invalid files in a directory operated on by the decompressor (CVE-2020-15389)
* openjpeg: heap-buffer-overflow in lib/openjp2/mqc.c could result in DoS (CVE-2020-27814)
* openjpeg: heap-buffer-overflow write in opj_tcd_dc_level_shift_encode() (CVE-2020-27823)
* openjpeg: heap-buffer-overflow in color.c may lead to DoS or arbitrary code execution (CVE-2021-3575)
* openjpeg: integer overflow in opj_t1_encode_cblks in src/lib/openjp2/t1.c (CVE-2018-5727)
* openjpeg: integer overflow in opj_j2k_setup_encoder function in openjp2/j2k.c (CVE-2018-5785)
* openjpeg: division-by-zero in functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in openmj2/pi.c (CVE-2018-20845)
* openjpeg: integer overflow in function opj_get_encoding_parameters in openjp2/pi.c (CVE-2018-20847)
* openjpeg: denial of service in function opj_t1_encode_cblks in openjp2/t1.c (CVE-2019-12973)
* openjpeg: global-buffer-overflow read in opj_dwt_calc_explicit_stepsizes() (CVE-2020-27824)
* openjpeg: null pointer dereference in opj_tgt_reset function in lib/openjp2/tgt.c (CVE-2020-27842)
* openjpeg: out-of-bounds read in opj_t2_encode_packet function in openjp2/t2.c (CVE-2020-27843)
* openjpeg: heap-based buffer overflow in functions opj_pi_next_rlcp, opj_pi_next_rpcl and opj_pi_next_lrcp in openjp2/pi.c (CVE-2020-27845)
* openjpeg: out-of-bounds write due to an integer overflow in opj_compress.c (CVE-2021-29338)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.

Topics%20covered

Topics Covered

security advisory Red Hat Enterprise Linux moderate severity security patch image processing decompression issue OpenJPEG2

References

https://access.redhat.com/security/cve/CVE-2018-5727 https://access.redhat.com/security/cve/CVE-2018-5785 https://access.redhat.com/security/cve/CVE-2018-20845 https://access.redhat.com/security/cve/CVE-2018-20847 https://access.redhat.com/security/cve/CVE-2019-12973 https://access.redhat.com/security/cve/CVE-2020-15389 https://access.redhat.com/security/cve/CVE-2020-27814 https://access.redhat.com/security/cve/CVE-2020-27823 https://access.redhat.com/security/cve/CVE-2020-27824 https://access.redhat.com/security/cve/CVE-2020-27842 https://access.redhat.com/security/cve/CVE-2020-27843 https://access.redhat.com/security/cve/CVE-2020-27845 https://access.redhat.com/security/cve/CVE-2021-3575 https://access.redhat.com/security/cve/CVE-2021-29338 https://access.redhat.com/security/updates/classification#moderate https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/8/html/8.5_release_notes/index

Package List

Red Hat Enterprise Linux AppStream (v. 8):
Source: openjpeg2-2.4.0-4.el8.src.rpm
aarch64: openjpeg2-2.4.0-4.el8.aarch64.rpm openjpeg2-debuginfo-2.4.0-4.el8.aarch64.rpm openjpeg2-debugsource-2.4.0-4.el8.aarch64.rpm openjpeg2-tools-2.4.0-4.el8.aarch64.rpm openjpeg2-tools-debuginfo-2.4.0-4.el8.aarch64.rpm
noarch: openjpeg2-devel-docs-2.4.0-4.el8.noarch.rpm
ppc64le: openjpeg2-2.4.0-4.el8.ppc64le.rpm openjpeg2-debuginfo-2.4.0-4.el8.ppc64le.rpm openjpeg2-debugsource-2.4.0-4.el8.ppc64le.rpm openjpeg2-tools-2.4.0-4.el8.ppc64le.rpm openjpeg2-tools-debuginfo-2.4.0-4.el8.ppc64le.rpm
s390x: openjpeg2-2.4.0-4.el8.s390x.rpm openjpeg2-debuginfo-2.4.0-4.el8.s390x.rpm openjpeg2-debugsource-2.4.0-4.el8.s390x.rpm openjpeg2-tools-2.4.0-4.el8.s390x.rpm openjpeg2-tools-debuginfo-2.4.0-4.el8.s390x.rpm
x86_64: openjpeg2-2.4.0-4.el8.i686.rpm openjpeg2-2.4.0-4.el8.x86_64.rpm openjpeg2-debuginfo-2.4.0-4.el8.i686.rpm openjpeg2-debuginfo-2.4.0-4.el8.x86_64.rpm openjpeg2-debugsource-2.4.0-4.el8.i686.rpm openjpeg2-debugsource-2.4.0-4.el8.x86_64.rpm openjpeg2-tools-2.4.0-4.el8.x86_64.rpm openjpeg2-tools-debuginfo-2.4.0-4.el8.i686.rpm openjpeg2-tools-debuginfo-2.4.0-4.el8.x86_64.rpm
Red Hat Enterprise Linux CRB (v. 8):
aarch64: openjpeg2-debuginfo-2.4.0-4.el8.aarch64.rpm

Read the Full Advisory


Advisory ID: RHSA-2021:4251-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:4251
Issue date: 2021-11-09

Topic

An update for openjpeg2 is now available for Red Hat Enterprise Linux 8.Red Hat Product Security has rated this update as having a security impactof Moderate. A Common Vulnerability Scoring System (CVSS) base score, whichgives a detailed severity rating, is available for each vulnerability fromthe CVE link(s) in the References section.

Topics%20covered

Topics Covered

security advisory Red Hat Enterprise Linux moderate severity security patch image processing decompression issue OpenJPEG2

Relevant Releases Architectures

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64

Red Hat Enterprise Linux CRB (v. 8) - aarch64, ppc64le, s390x, x86_64

Bugs Fixed

1536552 - CVE-2018-5727 openjpeg: integer overflow in opj_t1_encode_cblks in src/lib/openjp2/t1.c

1537758 - CVE-2018-5785 openjpeg: integer overflow in opj_j2k_setup_encoder function in openjp2/j2k.c

1728505 - CVE-2018-20845 openjpeg: division-by-zero in functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in openmj2/pi.c

1728509 - CVE-2018-20847 openjpeg: integer overflow in function opj_get_encoding_parameters in openjp2/pi.c

1732270 - CVE-2019-12973 openjpeg: denial of service in function opj_t1_encode_cblks in openjp2/t1.c

1852869 - CVE-2020-15389 openjpeg: use-after-free and double-free via a mix of valid and invalid files in a directory operated on by the decompressor

1901998 - CVE-2020-27814 openjpeg: heap-buffer-overflow in lib/openjp2/mqc.c could result in DoS

1905723 - CVE-2020-27824 openjpeg: global-buffer-overflow read in opj_dwt_calc_explicit_stepsizes()

1905762 - CVE-2020-27823 openjpeg: heap-buffer-overflow write in opj_tcd_dc_level_shift_encode()

1907513 - CVE-2020-27842 openjpeg: null pointer dereference in opj_tgt_reset function in lib/openjp2/tgt.c

1907516 - CVE-2020-27843 openjpeg: out-of-bounds read in opj_t2_encode_packet function in openjp2/t2.c

1907523 - CVE-2020-27845 openjpeg: heap-based buffer overflow in functions opj_pi_next_rlcp, opj_pi_next_rpcl and opj_pi_next_lrcp in openjp2/pi.c

Read the Full Advisory

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here