Launchpad CVE tracker

CVE 2016-7163

Integer overflow in the opj_pi_create_decode function in pi.c in OpenJPEG allows remote attackers to execute arbitrary code via a crafted JP2 file, which triggers an out-of-bounds read or write.

Related bugs and status

CVE-2016-7163 (Candidate) is related to these bugs:

Bug #1630702: Fix for CVE-2016-8332 and CVE-2016-7163

		In	Importance	Status
1630702	Fix for CVE-2016-8332 and CVE-2016-7163	openjpeg2 (Ubuntu)	Medium	Fix Released
1630702	Fix for CVE-2016-8332 and CVE-2016-7163	openjpeg2 (Ubuntu Xenial)	Medium	Fix Released
1630702	Fix for CVE-2016-8332 and CVE-2016-7163	openjpeg2 (Ubuntu Yakkety)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

References

MLIST: [oss-security] 2016090...
MLIST: [oss-security] 2016090...
CONFIRM: https://github.com/ucl...
CONFIRM: https://github.com/ucl...
CONFIRM: https://github.com/ucl...
CONFIRM: https://github.com/ucl...
DEBIAN: DSA-3665
FEDORA: FEDORA-2016-231f53426b
FEDORA: FEDORA-2016-27d3b7742f
FEDORA: FEDORA-2016-2eac99579c
FEDORA: FEDORA-2016-8ed6b7bb5e
FEDORA: FEDORA-2016-adb346980c
FEDORA: FEDORA-2016-dc53ceffc2
BID: 92897
REDHAT: RHSA-2017:0559
REDHAT: RHSA-2017:0838

Launchpad.net

CVE 2016-7163

Related bugs and status

Related bugs

References