[3.3] openjpeg: memory allocation failure in opj_aligned_alloc_n (opj_malloc.c) (CVE-2017-12982)
The bmp_read_info_header function in bin/jp2/convertbmp.c in
OpenJPEG 2.2.0 does not reject headers with a zero biBitCount,
which allows remote attackers to cause a denial of service (memory
allocation failure) in the opj_image_create function in
lib/openjp2/image.c, related to the opj_aligned_alloc_n function in
opj_malloc.c.
References:
https://github.com/uclouvain/openjpeg/issues/983
http://openwall.com/lists/oss-security/2017/08/21/1
Patch:
https://github.com/uclouvain/openjpeg/commit/baf0c1ad4572daa89caa3b12985bdd93530f0dd7
(from redmine: issue id 7716, created on 2017-08-21, closed on 2017-08-23)
- Relations:
- parent #7711 (closed)
- Changesets:
- Revision 61304699 by Francesco Colista on 2017-08-23T09:51:25Z:
main/openjpeg: security fix for CVE-2017-12982. Fixes #7716
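
The missing check described above, as an added example: this is not OpenJPEG's code or the linked patch, and every name in it is hypothetical. It parses a BMP info header and rejects a zero biBitCount before any size derived from the header is computed. As assumptions beyond the page, it accepts only the standard uncompressed depths (1, 4, 8, 16, 24, 32) and also checks the dimensions and plane count.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical names for this example; not OpenJPEG's types or functions. */
typedef struct { int32_t width, height; uint16_t planes, bit_count; } bmp_info_t;

static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static uint32_t rd32(const uint8_t *p) { return rd16(p) | ((uint32_t)rd16(p + 2) << 16); }

/* Parse a little-endian BITMAPINFOHEADER. Returns 0 if usable, -1 if not. */
int parse_bmp_info(const uint8_t *buf, size_t len, bmp_info_t *out)
{
    if (len < 16) return -1;                 /* need fields up to biBitCount */
    out->width     = (int32_t)rd32(buf + 4);
    out->height    = (int32_t)rd32(buf + 8); /* negative means top-down rows */
    out->planes    = rd16(buf + 12);
    out->bit_count = rd16(buf + 14);
    switch (out->bit_count) {                /* 0 lands in default: rejected */
    case 1: case 4: case 8: case 16: case 24: case 32: break;
    default: return -1;
    }
    if (out->width <= 0 || out->height == 0 || out->planes != 1) return -1;
    return 0;
}

/* Padded row size in bytes (rows align to 4 bytes); 0 on overflow. */
size_t bmp_row_stride(const bmp_info_t *h)
{
    uint64_t stride = (((uint64_t)h->width * h->bit_count + 31) / 32) * 4;
    return stride > SIZE_MAX ? 0 : (size_t)stride;
}

/* Constructed sample header for the demo: 40 bytes, only key fields set. */
void make_header(uint8_t hdr[40], uint32_t w, uint32_t h, uint16_t bpp)
{
    memset(hdr, 0, 40);
    hdr[0] = 40; hdr[12] = 1;                /* biSize, biPlanes */
    for (int i = 0; i < 4; i++) { hdr[4 + i] = (uint8_t)(w >> (8 * i)); hdr[8 + i] = (uint8_t)(h >> (8 * i)); }
    hdr[14] = (uint8_t)bpp; hdr[15] = (uint8_t)(bpp >> 8);
}

int main(void)
{
    uint8_t hdr[40]; bmp_info_t info;
    make_header(hdr, 3, 2, 0);               /* zero biBitCount */
    printf("bpp=0  -> %d\n", parse_bmp_info(hdr, sizeof hdr, &info));
    make_header(hdr, 3, 2, 24);
    int rc = parse_bmp_info(hdr, sizeof hdr, &info);
    printf("bpp=24 -> %d, stride=%zu\n", rc, bmp_row_stride(&info));
    return 0;
}
```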