CVE-2020-8112

Priority
Description
opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 through
2020-01-28 has a heap-based buffer overflow in the qmfbid==1 case, a
different issue than CVE-2020-6851.
Ubuntu-Description
It was discovered that OpenJPEG did not properly handle certain input. If
OpenJPEG were supplied with specially crafted input, it could be made to crash
or possibly execute arbitrary code.
References
Bugs
Notes
Package
Upstream:needs-triage
Ubuntu 18.04 LTS:needs-triage
Ubuntu 20.04 LTS:needs-triage
Ubuntu 21.10:needs-triage
Ubuntu 22.04 LTS:needs-triage
Ubuntu 14.04 ESM:DNE
Patches:
Package
Upstream:needs-triage
Ubuntu 18.04 LTS:released (9.26~dfsg+0-0ubuntu0.18.04.14)
Ubuntu 20.04 LTS:not-affected (uses system openjpeg2)
Ubuntu 21.10:not-affected (uses system openjpeg2)
Ubuntu 16.04 ESM:released (9.26~dfsg+0-0ubuntu0.16.04.14)
Ubuntu 22.04 LTS:not-affected (uses system openjpeg2)
Ubuntu 14.04 ESM:DNE
Patches:
Package
Upstream:needs-triage
Ubuntu 18.04 LTS:needs-triage
Ubuntu 20.04 LTS:needs-triage
Ubuntu 21.10:needs-triage
Ubuntu 22.04 LTS:needs-triage
Ubuntu 14.04 ESM:DNE
Patches:
Package
Upstream:needs-triage
Ubuntu 18.04 LTS:DNE
Ubuntu 20.04 LTS:DNE
Ubuntu 21.10:DNE
Ubuntu 22.04 LTS:DNE
Ubuntu 14.04 ESM:needs-triage
Patches:
Package
Upstream:needs-triage
Ubuntu 18.04 LTS:needed
Ubuntu 20.04 LTS:released (2.3.1-1ubuntu4)
Ubuntu 21.10:released (2.3.1-1ubuntu4)
Ubuntu 22.04 LTS:released (2.3.1-1ubuntu4)
Ubuntu 14.04 ESM:DNE
Patches:
Upstream:https://github.com/uclouvain/openjpeg/commit/05f9b91e60debda0e83977e5e63b2e66486f7074
Package
Upstream:needs-triage
Ubuntu 18.04 LTS:needs-triage
Ubuntu 20.04 LTS:needs-triage
Ubuntu 21.10:needs-triage
Ubuntu 22.04 LTS:needs-triage
Ubuntu 14.04 ESM:DNE
Patches:
Package
Upstream:needs-triage
Ubuntu 18.04 LTS:needs-triage
Ubuntu 20.04 LTS:needs-triage
Ubuntu 21.10:needs-triage
Ubuntu 22.04 LTS:needs-triage
Ubuntu 14.04 ESM:DNE
Patches:
More Information

Updated: 2022-04-25 00:51:03 UTC (commit ecc1009cb19540b950de59270950018900f37f15)