In OpenJPEG 2.3.1, there is excessive iteration in the opjt1encode_cblks function of openjp2/t1.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. This issue is similar to CVE-2018-6616.
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "libopenjpip-dec-server-dbgsym": "2.1.2-1.1+deb9u5build0.16.04.1", "libopenjp2-tools": "2.1.2-1.1+deb9u5build0.16.04.1", "libopenjpip7": "2.1.2-1.1+deb9u5build0.16.04.1", "libopenjp2-7-dev-dbgsym": "2.1.2-1.1+deb9u5build0.16.04.1", "libopenjp2-7": "2.1.2-1.1+deb9u5build0.16.04.1", "libopenjp2-tools-dbgsym": "2.1.2-1.1+deb9u5build0.16.04.1", "libopenjp2-7-dbg": "2.1.2-1.1+deb9u5build0.16.04.1", "libopenjpip-server": "2.1.2-1.1+deb9u5build0.16.04.1", "libopenjp2-7-dev": "2.1.2-1.1+deb9u5build0.16.04.1", "libopenjpip-server-dbgsym": "2.1.2-1.1+deb9u5build0.16.04.1", "libopenjp3d7-dbgsym": "2.1.2-1.1+deb9u5build0.16.04.1", "libopenjp3d7": "2.1.2-1.1+deb9u5build0.16.04.1", "libopenjp2-7-dbgsym": "2.1.2-1.1+deb9u5build0.16.04.1", "libopenjp3d-tools-dbgsym": "2.1.2-1.1+deb9u5build0.16.04.1", "libopenjpip7-dbgsym": "2.1.2-1.1+deb9u5build0.16.04.1", "libopenjpip-dec-server": "2.1.2-1.1+deb9u5build0.16.04.1", "libopenjp3d-tools": "2.1.2-1.1+deb9u5build0.16.04.1", "libopenjpip-viewer": "2.1.2-1.1+deb9u5build0.16.04.1" } ] }
{ "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro", "ubuntu_priority": "low", "binaries": [ { "libopenjpip-dec-server-dbgsym": "2.3.0-2+deb10u2ubuntu0.1~esm1", "libopenjp2-tools": "2.3.0-2+deb10u2ubuntu0.1~esm1", "libopenjpip7": "2.3.0-2+deb10u2ubuntu0.1~esm1", "libopenjp2-7": "2.3.0-2+deb10u2ubuntu0.1~esm1", "libopenjp2-tools-dbgsym": "2.3.0-2+deb10u2ubuntu0.1~esm1", "libopenjp2-7-dbgsym": "2.3.0-2+deb10u2ubuntu0.1~esm1", "libopenjpip-server": "2.3.0-2+deb10u2ubuntu0.1~esm1", "libopenjp2-7-dev": "2.3.0-2+deb10u2ubuntu0.1~esm1", "libopenjpip-server-dbgsym": "2.3.0-2+deb10u2ubuntu0.1~esm1", "libopenjp3d7-dbgsym": "2.3.0-2+deb10u2ubuntu0.1~esm1", "libopenjp3d7": "2.3.0-2+deb10u2ubuntu0.1~esm1", "libopenjp3d-tools-dbgsym": "2.3.0-2+deb10u2ubuntu0.1~esm1", "libopenjpip7-dbgsym": "2.3.0-2+deb10u2ubuntu0.1~esm1", "libopenjpip-dec-server": "2.3.0-2+deb10u2ubuntu0.1~esm1", "libopenjp3d-tools": "2.3.0-2+deb10u2ubuntu0.1~esm1", "libopenjpip-viewer": "2.3.0-2+deb10u2ubuntu0.1~esm1" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "libopenjpip-dec-server-dbgsym": "2.3.1-1ubuntu4", "libopenjp2-tools": "2.3.1-1ubuntu4", "libopenjpip7": "2.3.1-1ubuntu4", "libopenjp2-7": "2.3.1-1ubuntu4", "libopenjp2-tools-dbgsym": "2.3.1-1ubuntu4", "libopenjp2-7-dbgsym": "2.3.1-1ubuntu4", "libopenjpip-server": "2.3.1-1ubuntu4", "libopenjp2-7-dev": "2.3.1-1ubuntu4", "libopenjpip-server-dbgsym": "2.3.1-1ubuntu4", "libopenjp3d7-dbgsym": "2.3.1-1ubuntu4", "libopenjp3d7": "2.3.1-1ubuntu4", "libopenjp3d-tools-dbgsym": "2.3.1-1ubuntu4", "libopenjpip7-dbgsym": "2.3.1-1ubuntu4", "libopenjpip-dec-server": "2.3.1-1ubuntu4", "libopenjp3d-tools": "2.3.1-1ubuntu4", "libopenjpip-viewer": "2.3.1-1ubuntu4" } ] }