979907 – (CVE-2015-8871) VUL-0: CVE-2015-8871: openjpeg2: Use-after-free in opj_j2k_write_mco function

Bug 979907 (CVE-2015-8871) - VUL-0: CVE-2015-8871: openjpeg2: Use-after-free in opj_j2k_write_mco function

Summary: VUL-0: CVE-2015-8871: openjpeg2: Use-after-free in opj_j2k_write_mco function

Status:	RESOLVED FIXED

Alias:	CVE-2015-8871

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	Other Other

Priority:	P3 - Medium Severity: Normal
Target Milestone:	unspecified
Assignee:	Hans Petter Jansson
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/169089/
Whiteboard:	CVSSv2:RedHat:CVE-2015-8871:5.1:(AV:N...
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2016-05-13 12:43 UTC by Alexander Bergmann
Modified:	2017-09-26 01:12 UTC (History)
CC List:	3 users (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Alexander Bergmann 2016-05-13 12:43:57 UTC

rh#1335770

A vulnerability was found in openjpeg. There is a potential use-after-free in opj_j2k_write_mco function of the j2k.c file.

External references:

https://github.com/uclouvain/openjpeg/issues/563

Upstream fix:

https://github.com/uclouvain/openjpeg/commit/940100c28ae28931722290794889cf84a92c5f6f

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1335770
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8871
http://seclists.org/oss-sec/2016/q2/341
http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-8871.html

Comment 1 Swamp Workflow Management 2016-05-13 22:01:32 UTC

bugbot adjusting priority

Comment 2 Asterios Dramis 2017-01-31 21:34:15 UTC

This issue does not affect openjpeg but openjpeg2 (see also rh#1335770).

Comment 3 Andreas Stieger 2017-05-19 09:42:11 UTC

(In reply to Asterios Dramis from comment #2)
> This issue does not affect openjpeg but openjpeg2 (see also rh#1335770).

assigning to openjpeg2 maintainers. Putting back into security analysis queue.

Comment 7 Swamp Workflow Management 2017-08-11 19:09:04 UTC

SUSE-SU-2017:2144-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 979907,997857
CVE References: CVE-2015-8871,CVE-2016-7163
Sources used:
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (src):    openjpeg2-2.1.0-4.3.2
SUSE Linux Enterprise Server 12-SP3 (src):    openjpeg2-2.1.0-4.3.2
SUSE Linux Enterprise Server 12-SP2 (src):    openjpeg2-2.1.0-4.3.2
SUSE Linux Enterprise Desktop 12-SP3 (src):    openjpeg2-2.1.0-4.3.2
SUSE Linux Enterprise Desktop 12-SP2 (src):    openjpeg2-2.1.0-4.3.2

Comment 8 Andreas Stieger 2017-08-16 18:13:10 UTC

releasing for Leap, done

Comment 9 Swamp Workflow Management 2017-08-16 22:10:22 UTC

openSUSE-SU-2017:2186-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 979907,997857
CVE References: CVE-2015-8871,CVE-2016-7163
Sources used:
openSUSE Leap 42.3 (src):    openjpeg2-2.1.0-16.1
openSUSE Leap 42.2 (src):    openjpeg2-2.1.0-13.3.1

Comment 10 Swamp Workflow Management 2017-09-26 01:12:50 UTC

openSUSE-SU-2017:2567-1: An update that fixes 15 vulnerabilities is now available.

Category: security (important)
Bug References: 1002414,1007739,1007740,1007741,1007742,1007743,1007744,1007747,1014543,1014975,979907,997857,999817
CVE References: CVE-2015-8871,CVE-2016-7163,CVE-2016-7445,CVE-2016-8332,CVE-2016-9112,CVE-2016-9113,CVE-2016-9114,CVE-2016-9115,CVE-2016-9116,CVE-2016-9117,CVE-2016-9118,CVE-2016-9572,CVE-2016-9573,CVE-2016-9580,CVE-2016-9581
Sources used:
SUSE Package Hub for SUSE Linux Enterprise 12 (src):    openjpeg2-2.1.0-5.1, openjpeg2-2.1.0-6.1