First published: Mon Dec 14 2020(Updated: )
A flaw was found in OpenJPEG. Specially crafted file can lead to an out-of-bounds read in opj_tgt_reset function in lib/openjp2/tgt.c. Reference: <a href="https://github.com/uclouvain/openjpeg/issues/1294">https://github.com/uclouvain/openjpeg/issues/1294</a>
Credit: secalert@redhat.com secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/openjpeg | <2.4.0 | 2.4.0 |
Uclouvain Openjpeg | <2.4.0 | |
Fedoraproject Extra Packages For Enterprise Linux | =7.0 | |
Fedoraproject Fedora | =32 | |
Fedoraproject Fedora | =33 | |
Debian Debian Linux | =9.0 | |
Debian Debian Linux | =10.0 | |
Redhat Codeready Linux Builder | =8.0 | |
Redhat Codeready Linux Builder For Ibm Z Systems | =8.0 | |
Redhat Codeready Linux Builder For Power Little Endian | =8.0 | |
Redhat Enterprise Linux | =8.0 | |
Redhat Enterprise Linux For Ibm Z Systems | =8.0 | |
Redhat Enterprise Linux For Power Little Endian | =8.0 | |
Oracle Outside In Technology | =8.5.5 | |
debian/openjpeg2 | 2.4.0-3 2.5.0-2 | |
IBM Pub | <=7.0.1 | |
IBM Pub | <=7.0.2 | |
IBM Pub | <=7.0 | |
IBM Engineering Requirements Quality Assistant On-Premises | <=All | |
IBM DOORS Next | <=7.0.2 | |
IBM DOORS Next | <=7.0 | |
IBM DOORS Next | <=7.0.1 | |
IBM CLM | <=6.0.6.1 | |
IBM CLM | <=6.0.6 | |
IBM ELM | <=7.0.2 | |
IBM ELM | <=7.0 | |
IBM ELM | <=7.0.1 | |
IBM EWM | <=7.0.2 | |
IBM EWM | <=7.0.1 | |
IBM RTC | <=6.0.6.1 | |
IBM EWM | <=7.0 | |
IBM RTC | <=6.0.6 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-27842 is a vulnerability in openjpeg's t2 encoder in versions prior to 2.4.0.
The highest impact of CVE-2020-27842 is to application availability.
Versions prior to 2.4.0 of openjpeg's t2 encoder are affected by CVE-2020-27842.
You can find more information about CVE-2020-27842 at the following references: [link1], [link2], [link3].
To fix the CVE-2020-27842 vulnerability, update openjpeg to version 2.4.0 or higher.