[arch-security] [ASA-201703-9] jasper: multiple issues
Arch Linux Security Advisory ASA-201703-9 ========================================= Severity: High Date : 2017-03-14 CVE-ID : CVE-2016-8886 CVE-2016-9591 Package : jasper Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-69 Summary ======= The package jasper before version 2.0.12-1 is vulnerable to multiple issues including arbitrary code execution and denial of service. Resolution ========== Upgrade to 2.0.12-1. # pacman -Syu "jasper>=2.0.12-1" The problems have been fixed upstream in version 2.0.12. Workaround ========== None. Description =========== - CVE-2016-8886 (denial of service) A memory allocation failure was found in jas_malloc triggered by a crafted file that results in an application crash leading to denial of service. - CVE-2016-9591 (arbitrary code execution) A heap-use-after-free vulnerability has been found in jasper. The vulnerability exists in code responsible for re-encoding the decoded input image file to a J2P image. The vulnerability is caused by not setting related pointers to be null after the pointers are freed (i.e. missing Setting-Pointer-Null operations after free). The vulnerability can further cause double-free. Impact ====== A remote attacker is able to use specially crafted images that, when processed, lead to arbitrary code execution or application crash. References ========== http://seclists.org/oss-sec/2016/q4/214 https://blogs.gentoo.org/ago/2016/10/18/jasper-memory-allocation-failure-in-... https://github.com/mdadams/jasper/commit/65536647d380571d1a9a6c91fa03775fb5b... https://github.com/mdadams/jasper/issues/105 http://www.openwall.com/lists/oss-security/2016/12/16/3 https://github.com/mdadams/jasper/commit/03fe49ab96bf65fea784cdc256507ea8826... https://security.archlinux.org/CVE-2016-8886 https://security.archlinux.org/CVE-2016-9591
participants (1)
-
Levente Polyak