oss-sec mailing list archives
Information on CVE-2014-0158, openjpeg
From: Raphael Geissert <geissert () debian org>
Date: Wed, 2 Apr 2014 10:31:52 +0200
Hi, I just became aware of CVE-2014-0158[1], which was recently assigned to openjpeg. Looking at the proposed patch (as the description is rather brief), it seems to me that it is a dup of one of the bugs covered by CVE-2013-1447. Quoting from my post to oss-security:
5. null pointer dereferences, division by zero, and anything that
would just fit as DoS (CVE-2013-1447)
[listing the group of issues and attachments] 5. [...] segfault6.patch
Which is exactly what is being commented about in [2], a copy of which is also available at [3]. IIRC without that patch some of the structures were not initialized and applications (like the ones shipped by openjpeg itself) would try to dereference NULL pointers, and just crash - no memory write was involved. Or is there more into CVE-2014-0158 that I might be missing? P.S. testing the encoding functions would probably be like opening another can of worms, if anyone is interested in that. [1]https://bugzilla.redhat.com/CVE-2014-0158 [2]https://bugzilla.redhat.com/show_bug.cgi?id=1082925#c8 [3]https://bugzilla.redhat.com/show_bug.cgi?id=1037945#c11 Cheers, -- Raphael Geissert - Debian Developer www.debian.org - get.debian.net
Current thread:
- Information on CVE-2014-0158, openjpeg Raphael Geissert (Apr 02)
- Re: Information on CVE-2014-0158, openjpeg Huzaifa Sidhpurwala (Apr 02)
- Re: Information on CVE-2014-0158, openjpeg Raphael Geissert (Apr 02)
- Re: Information on CVE-2014-0158, openjpeg Huzaifa Sidhpurwala (Apr 02)