Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2016-7445

convert.c in OpenJPEG before 2.1.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors involving the variable s.

Related bugs and status

CVE-2016-7445 (Candidate) is related to these bugs:

Bug #1630702: Fix for CVE-2016-8332 and CVE-2016-7163

		In	Importance	Status
1630702	Fix for CVE-2016-8332 and CVE-2016-7163	openjpeg2 (Ubuntu)	Medium	Fix Released
1630702	Fix for CVE-2016-8332 and CVE-2016-7163	openjpeg2 (Ubuntu Xenial)	Medium	Fix Released
1630702	Fix for CVE-2016-8332 and CVE-2016-7163	openjpeg2 (Ubuntu Yakkety)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

References

MLIST: [oss-security] 2016091...
MLIST: [oss-security] 2016091...
CONFIRM: https://github.com/ucl...
CONFIRM: https://github.com/ucl...
SUSE: openSUSE-SU-2016:2424
BID: 93040
GENTOO: GLSA-201612-26