Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 534
Alerts This Week
Warning Icon 1 534

Ubuntu 16.04 ESM: USN-5405-1 Moderate: jbig2dec DoS Threats

ubuntu
Calendar Grey May 5, 2022
Dist Ubuntu Esm H88
Various vulnerabilities in jbig2dec addressed in Ubuntu 16.04 could result in system crashes or unauthorized code execution.
Several security issues were fixed in jbig2dec.

Summary

Several security issues were fixed in jbig2dec.

Software Description:

- jbig2dec: JBIG2 decoder library

Details:

It was discovered that jbig2dec incorrectly handled memory when parsing

invalid files. An attacker could use this issue to cause jbig2dec to

crash, leading to a denial of service. (CVE-2017-9216)

It was discovered that jbig2dec incorrectly handled memory when

processing untrusted input. An attacker could use this issue to cause a

denial of service, or possibly execute arbitrary code. (CVE-2020-12268)

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 ESM:
   jbig2dec                          0.12+20150918-1ubuntu0.1+esm2
   libjbig2dec0                    0.12+20150918-1ubuntu0.1+esm2

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5405-1

CVE-2017-9216, CVE-2020-12268

May 05, 2022

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.