CVE-2020-15389

Priority
Description
jp2/opj_decompress.c in OpenJPEG through 2.3.1 has a use-after-free that
can be triggered if there is a mix of valid and invalid files in a
directory operated on by the decompressor. Triggering a double-free may
also be possible. This is related to calling opj_image_destroy twice.
Ubuntu-Description
It was discovered that OpenJPEG did not properly handle certain input. If
OpenJPEG were supplied with specially crafted input, it could be made to crash
or possibly execute arbitrary code.
Notes
mdeslaurper upstream bug, this is a read after free, so likely limited
to a denial of service.
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):needs-triage
Ubuntu 16.04 LTS (Xenial Xerus):needs-triage
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (2.1.2-1.1+deb9u5build0.16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):needs-triage
Ubuntu 20.04 LTS (Focal Fossa):needs-triage
Ubuntu 20.10 (Groovy Gorilla):needs-triage
Patches:
Upstream:https://github.com/rouault/openjpeg/commit/e8e258ab049240c2dd1f1051b4e773b21e2d3dc0
More Information

Updated: 2020-09-15 20:18:07 UTC (commit 52f423b9e3c86f3e331b2ae54e08921703c187be)