What is CVE-2018-19542?

CVE-2018-19542 is a vulnerability in JasPer 2.0.14 that allows for a NULL pointer dereference, leading to a denial of service.

How severe is CVE-2018-19542?

CVE-2018-19542 has a severity rating of 6.5 (medium).

Which software is affected by CVE-2018-19542?

JasPer 2.0.14, Canonical Ubuntu Linux 16.04, SUSE Linux Enterprise Desktop 12-sp3, SUSE Linux Enterprise Desktop 12-sp4, SUSE Linux Enterprise Server 11-sp3, SUSE Linux Enterprise Server 11-sp4, SUSE Linux Enterprise Server 12-sp1, SUSE Linux Enterprise Server 12-sp2, Debian Debian Linux 8.0, and openSUSE Leap 15.0 are affected by CVE-2018-19542.

How do I fix CVE-2018-19542?

To fix CVE-2018-19542, users should update to the latest version of JasPer (2.0.15) or apply the necessary patches provided by the software vendors.

Where can I find more information about CVE-2018-19542?

More information about CVE-2018-19542 can be found at the following references: http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00004.html, https://github.com/mdadams/jasper/issues/182, https://lists.debian.org/debian-lts-announce/2019/01/msg00003.html.

Vulnerability/
CVE-2018-19542

medium

6.5

CWE

476

26/11/2018

5/8/2024

CVE-2018-19542: Null Pointer Dereference

First published: Mon Nov 26 2018(Updated: )

An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function jp2_decode in libjasper/jp2/jp2_dec.c, leading to a denial of service.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Jasper Project Jasper	=2.0.14
Canonical Ubuntu Linux	=16.04
SUSE Linux Enterprise Desktop	=12-sp3
SUSE Linux Enterprise Desktop	=12-sp4
SUSE Linux Enterprise Server	=11-sp3
SUSE Linux Enterprise Server	=11-sp4
SUSE Linux Enterprise Server	=12-sp1
SUSE Linux Enterprise Server	=12-sp2
Debian Debian Linux	=8.0
openSUSE Leap	=15.0

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2018-19542?
CVE-2018-19542 is a vulnerability in JasPer 2.0.14 that allows for a NULL pointer dereference, leading to a denial of service.
How severe is CVE-2018-19542?
CVE-2018-19542 has a severity rating of 6.5 (medium).
Which software is affected by CVE-2018-19542?
JasPer 2.0.14, Canonical Ubuntu Linux 16.04, SUSE Linux Enterprise Desktop 12-sp3, SUSE Linux Enterprise Desktop 12-sp4, SUSE Linux Enterprise Server 11-sp3, SUSE Linux Enterprise Server 11-sp4, SUSE Linux Enterprise Server 12-sp1, SUSE Linux Enterprise Server 12-sp2, Debian Debian Linux 8.0, and openSUSE Leap 15.0 are affected by CVE-2018-19542.
How do I fix CVE-2018-19542?
To fix CVE-2018-19542, users should update to the latest version of JasPer (2.0.15) or apply the necessary patches provided by the software vendors.
Where can I find more information about CVE-2018-19542?
More information about CVE-2018-19542 can be found at the following references: http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00004.html, https://github.com/mdadams/jasper/issues/182, https://lists.debian.org/debian-lts-announce/2019/01/msg00003.html.

agent/references
agent/type
agent/first-publish-date
agent/last-modified-date
agent/softwarecombine
collector/nvd-index
agent/software-canonical-lookup-request
agent/weakness
agent/severity
agent/author
agent/tags
agent/description
agent/event
collector/mitre-cve
source/MITRE
vendor/jasper project
canonical/jasper project jasper
version/jasper project jasper/2.0.14
vendor/canonical
canonical/canonical ubuntu linux
version/canonical ubuntu linux/16.04
vendor/suse
canonical/suse linux enterprise desktop
version/suse linux enterprise desktop/12-sp3
version/suse linux enterprise desktop/12-sp4
canonical/suse linux enterprise server
version/suse linux enterprise server/11-sp3
version/suse linux enterprise server/11-sp4
version/suse linux enterprise server/12-sp1
version/suse linux enterprise server/12-sp2
vendor/debian
canonical/debian debian linux
version/debian debian linux/8.0
vendor/opensuse
canonical/opensuse leap
version/opensuse leap/15.0