An invalid write access was discovered in bin/jp2/convert.c in OpenJPEG 2.2.0, triggering a crash in the tgatoimage function. The vulnerability may lead to remote denial of service or possibly unspecified other impact.
{ "vanir_signatures": [ { "id": "CVE-2017-14040-331ba8bd", "digest": { "length": 3699.0, "function_hash": "66090434281455959844665154648051738419" }, "signature_version": "v1", "deprecated": false, "target": { "file": "src/bin/jp2/convert.c", "function": "tgatoimage" }, "signature_type": "Function", "source": "https://github.com/uclouvain/openjpeg/commit/2cd30c2b06ce332dede81cccad8b334cde997281" }, { "id": "CVE-2017-14040-46249ede", "digest": { "length": 217.0, "function_hash": "167788260771497595903386050576808750588" }, "signature_version": "v1", "deprecated": false, "target": { "file": "src/bin/jp2/convert.c", "function": "get_ushort" }, "signature_type": "Function", "source": "https://github.com/uclouvain/openjpeg/commit/2cd30c2b06ce332dede81cccad8b334cde997281" }, { "id": "CVE-2017-14040-6e8df9fd", "digest": { "line_hashes": [ "23525036583353418219320625966324550802", "177327374119435514219145268307399613089", "320623253887673411484520483589847192131", "292835775766298235912524706889006590080", "112012328534867882596683590143771823601", "53673022407700848319040940612564991516", "57555459998663249802015055391138480059", "15231687001431685197667587808981253486", "217640787295235956893042733445023631782", "311516972248278321224105276315001811102", "281182748761316883612476950947884525571", "265579774650878365822292963790672756851", "243979219833432046093380905842942841838", "37081014724010140555910374229781137214", "90807083015443714754204566778127861642", "111471989039993494687198901980907597582", "75508931994012076446955353194820426506", "226736906340592722759329902925316458757", "216467255423318053875574874476802357556", "255658464969642274031690919941005577119", "156822966723833280756110815668282640562", "281126177618215740790811151757715309287", "14077404740799291264839640468846001881", "124071256899131307689789756406006839288" ], "threshold": 0.9 }, "signature_version": "v1", "deprecated": false, "target": { "file": "src/bin/jp2/convert.c" }, "signature_type": "Line", "source": "https://github.com/uclouvain/openjpeg/commit/2cd30c2b06ce332dede81cccad8b334cde997281" } ] }