CWE
190
Advisory Published
Updated

CVE-2021-29338: Integer Overflow

First published: Wed Apr 14 2021(Updated: )

Integer Overflow in OpenJPEG v2.4.0 allows remote attackers to crash the application, causing a Denial of Service (DoS). This occurs when the attacker uses the command line option "-ImgDir" on a directory that contains 1048576 files.

Credit: cve@mitre.org cve@mitre.org

Affected SoftwareAffected VersionHow to fix
Uclouvain Openjpeg=2.4.0
Fedoraproject Fedora=33
Fedoraproject Fedora=34
Debian Debian Linux=9.0
debian/openjpeg2<=2.4.0-3
2.5.0-2

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Frequently Asked Questions

  • What is CVE-2021-29338?

    CVE-2021-29338 is an integer overflow vulnerability in OpenJPEG v2.4.0 that allows remote attackers to crash the application, causing a Denial of Service (DoS).

  • How does CVE-2021-29338 affect Uclouvain Openjpeg?

    CVE-2021-29338 affects Uclouvain Openjpeg 2.4.0, causing it to crash when an attacker uses the command line option "-ImgDir" on a directory that contains 1048576 files.

  • How does CVE-2021-29338 affect Fedoraproject Fedora 33 and 34?

    CVE-2021-29338 affects Fedoraproject Fedora 33 and 34, causing the application to crash when an attacker uses the command line option "-ImgDir" on a directory that contains 1048576 files.

  • How does CVE-2021-29338 affect Debian Debian Linux 9.0?

    CVE-2021-29338 affects Debian Debian Linux 9.0, causing the application to crash when an attacker uses the command line option "-ImgDir" on a directory that contains 1048576 files.

  • What is the severity of CVE-2021-29338?

    CVE-2021-29338 has a severity rating of 5.5, which is considered medium.

  • How can I mitigate the CVE-2021-29338 vulnerability?

    To mitigate the CVE-2021-29338 vulnerability, it is recommended to update OpenJPEG to a version that is not affected by this vulnerability.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203