Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2016-9580

Published: 1 August 2018

An integer overflow vulnerability was found in tiftoimage function in openjpeg 2.1.2, resulting in heap buffer overflow.

Notes

AuthorNote
ccdm94
It seems like commit a817832c223 (szukw000:AFL_PATCH_0) was the final
commit created by a contributor in order to fix this issue. This
commit contains the changes in commit cadff5fb6e7 (szukw000:ISSUE-871-872)
which originally attempts to fix this issue. Commit a817832c223
(pull request 895 for more information) contains the changes in commit
cadff5fb6e7, which fixes more than just this issue. Commit a817832c223
was never merged, however, and instead, was broken down into various
other commits by upstream, and those were merged instead. These commits
are the following: 178194c0934, 6c4e5bacb9d, 820fcfe8bb1, e03e9474667,
c5bf5ef4d65 and 16aeb9282f6, which are all referenced in pull request
895 (not merged, but the previously mentioned commits reference this
PR and therefore their links can be accessed through it). Parts of
commit a817832c223 have also been refactored and added to commit
0394f8d0f1c, which was actually merged. This commit might also contain
changes which contribute to fixing this issue. However, do note that
this last commit introduced regressions, and further changes had to
be made in order to fix those. More can be seen in pull request 975.
The patches that fix this issue are also related to CVE-2016-9572.
eslerm
a non-upstream patch had previously been applied to openjpeg2
eslerm
CVE-2016-{9572,9580,9581} use the same patch set CVE-2016-911{3..8} apply merge 0394f8d and commited afterwards

Priority

Medium

Cvss 3 Severity Score

8.8

Score breakdown

Status

Package Release Status
openjpeg2
Launchpad, Ubuntu, Debian
artful Ignored
(end of life)
precise Does not exist

trusty Does not exist

xenial Not vulnerable
(code not present)
yakkety Ignored
(end of life)
zesty Ignored
(end of life)
bionic Not vulnerable
(2.3.0-1)
cosmic Ignored
(end of life)
disco Ignored
(end of life)
focal Not vulnerable
(2.3.1-1ubuntu4)
jammy Not vulnerable
(2.4.0-6)
upstream
Released (2.2.0)
kinetic Not vulnerable
(2.5.0-1)
Patches:






other: https://github.com/szukw000/openjpeg/commit/7b28bd2b723df6be09fe7791eba33147c1c47d0d
openjpeg
Launchpad, Ubuntu, Debian
artful Does not exist

bionic Does not exist

cosmic Does not exist

disco Does not exist

focal Does not exist

jammy Does not exist

upstream
Released (2.2.0)
trusty Ignored
(changes too intrusive)
xenial Ignored
(changes too intrusive)
kinetic Does not exist

Patches:
upstream: https://github.com/uclouvain/openjpeg/commit/178194c093422c9564efc41f9ecb5c630b43f723
upstream: https://github.com/uclouvain/openjpeg/commit/6c4e5bacb9d9791fc6ff074bd7958b3820d70514
upstream: https://github.com/uclouvain/openjpeg/commit/820fcfe8bb101a2862c076b02c9b6b636ce39d2f
upstream: https://github.com/uclouvain/openjpeg/commit/e03e9474667e5117341351699f0b1dbb06f93346
upstream: https://github.com/uclouvain/openjpeg/commit/c5bf5ef4d6552e9159aaad29cb27826acd1a3389
upstream: https://github.com/uclouvain/openjpeg/commit/16aeb9282f6b3877aa8365c461ba8d3d1338adae

Severity score breakdown

Parameter Value
Base score 8.8
Attack vector Network
Attack complexity Low
Privileges required None
User interaction Required
Scope Unchanged
Confidentiality High
Integrity impact High
Availability impact High
Vector CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H