Vulnerabilities > CVE-2020-6851 - Out-of-bounds Write vulnerability in multiple products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of opj_j2k_update_image_dimensions validation.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2020-0262.NASL description An update for openjpeg2 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. OpenJPEG is an open source library for reading and writing image files in JPEG2000 format. Security Fix(es) : * openjpeg: Heap-based buffer overflow in opj_t1_clbl_decode_processor() (CVE-2020-6851) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. last seen 2020-06-01 modified 2020-06-02 plugin id 133317 published 2020-01-30 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/133317 title CentOS 7 : openjpeg2 (CESA-2020:0262) NASL family Debian Local Security Checks NASL id DEBIAN_DLA-2081.NASL description OpenJPEG had a heap-based buffer overflow in opj_t1_clbl_decode_processor in libopenjp2.so. For Debian 8 last seen 2020-06-01 modified 2020-06-02 plugin id 133319 published 2020-01-30 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/133319 title Debian DLA-2081-1 : openjpeg2 security update NASL family Huawei Local Security Checks NASL id EULEROS_SA-2020-1168.NASL description According to the versions of the openjpeg2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of opj_j2k_update_image_dimensions validation.(CVE-2020-6851) - opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 through 2020-01-28 has a heap-based buffer overflow in the qmfbid==1 case, a different issue than CVE-2020-6851.(CVE-2020-8112) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-03 modified 2020-02-25 plugin id 134002 published 2020-02-25 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134002 title EulerOS 2.0 SP8 : openjpeg2 (EulerOS-SA-2020-1168) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2020-0274.NASL description From Red Hat Security Advisory 2020:0274 : An update for openjpeg2 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. OpenJPEG is an open source library for reading and writing image files in JPEG2000 format. Security Fix(es) : * openjpeg: Heap-based buffer overflow in opj_t1_clbl_decode_processor() (CVE-2020-6851) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. last seen 2020-06-01 modified 2020-06-02 plugin id 133332 published 2020-01-30 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/133332 title Oracle Linux 8 : openjpeg2 (ELSA-2020-0274) NASL family Debian Local Security Checks NASL id DEBIAN_DLA-2089.NASL description opj_t1_clbl_decode_processor in openjp2/t1.c of OpenJPEG had a heap-based buffer overflow in the qmfbid==1 case, a similar but different issue than CVE-2020-6851. For Debian 8 last seen 2020-06-01 modified 2020-06-02 plugin id 133365 published 2020-01-31 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/133365 title Debian DLA-2089-1 : openjpeg2 security update NASL family Huawei Local Security Checks NASL id EULEROS_SA-2020-1365.NASL description According to the versions of the openjpeg2 package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 through 2020-01-28 has a heap-based buffer overflow in the qmfbid==1 case, a different issue than CVE-2020-6851.(CVE-2020-8112) - OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of opj_j2k_update_image_dimensions validation.(CVE-2020-6851) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-04-07 modified 2020-04-02 plugin id 135152 published 2020-04-02 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135152 title EulerOS Virtualization for ARM 64 3.0.6.0 : openjpeg2 (EulerOS-SA-2020-1365) NASL family NewStart CGSL Local Security Checks NASL id NEWSTART_CGSL_NS-SA-2020-0012_OPENJPEG2.NASL description The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has openjpeg2 packages installed that are affected by a vulnerability: - OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of opj_j2k_update_image_dimensions validation. (CVE-2020-6851) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-03-18 modified 2020-03-08 plugin id 134316 published 2020-03-08 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134316 title NewStart CGSL CORE 5.04 / MAIN 5.04 : openjpeg2 Vulnerability (NS-SA-2020-0012) NASL family NewStart CGSL Local Security Checks NASL id NEWSTART_CGSL_NS-SA-2020-0026_OPENJPEG2.NASL description The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has openjpeg2 packages installed that are affected by a vulnerability: - opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 through 2020-01-28 has a heap-based buffer overflow in the qmfbid==1 case, a different issue than CVE-2020-6851. (CVE-2020-8112) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-05 modified 2020-05-27 plugin id 136907 published 2020-05-27 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/136907 title NewStart CGSL CORE 5.04 / MAIN 5.04 : openjpeg2 Vulnerability (NS-SA-2020-0026) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-0274.NASL description An update for openjpeg2 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. OpenJPEG is an open source library for reading and writing image files in JPEG2000 format. Security Fix(es) : * openjpeg: Heap-based buffer overflow in opj_t1_clbl_decode_processor() (CVE-2020-6851) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. last seen 2020-06-01 modified 2020-06-02 plugin id 133337 published 2020-01-30 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/133337 title RHEL 8 : openjpeg2 (RHSA-2020:0274) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-0296.NASL description An update for openjpeg2 is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. OpenJPEG is an open source library for reading and writing image files in JPEG2000 format. Security Fix(es) : * openjpeg: Heap-based buffer overflow in opj_t1_clbl_decode_processor() (CVE-2020-6851) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. last seen 2020-06-01 modified 2020-06-02 plugin id 133387 published 2020-01-31 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/133387 title RHEL 8 : openjpeg2 (RHSA-2020:0296) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2020-0262.NASL description From Red Hat Security Advisory 2020:0262 : An update for openjpeg2 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. OpenJPEG is an open source library for reading and writing image files in JPEG2000 format. Security Fix(es) : * openjpeg: Heap-based buffer overflow in opj_t1_clbl_decode_processor() (CVE-2020-6851) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. last seen 2020-06-01 modified 2020-06-02 plugin id 133330 published 2020-01-30 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/133330 title Oracle Linux 7 : openjpeg2 (ELSA-2020-0262) NASL family Scientific Linux Local Security Checks NASL id SL_20200128_OPENJPEG2_ON_SL7_X.NASL description Security Fix(es) : - openjpeg: Heap-based buffer overflow in opj_t1_clbl_decode_processor() (CVE-2020-6851) last seen 2020-03-18 modified 2020-01-31 plugin id 133388 published 2020-01-31 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/133388 title Scientific Linux Security Update : openjpeg2 on SL7.x x86_64 (20200128) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-0262.NASL description An update for openjpeg2 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. OpenJPEG is an open source library for reading and writing image files in JPEG2000 format. Security Fix(es) : * openjpeg: Heap-based buffer overflow in opj_t1_clbl_decode_processor() (CVE-2020-6851) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. last seen 2020-06-01 modified 2020-06-02 plugin id 133334 published 2020-01-30 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/133334 title RHEL 7 : openjpeg2 (RHSA-2020:0262) NASL family Fedora Local Security Checks NASL id FEDORA_2020-AB8553F302.NASL description This update fixes CVE-2020-6851. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 133373 published 2020-01-31 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/133373 title Fedora 31 : mingw-openjpeg2 / openjpeg2 (2020-ab8553f302) NASL family Fedora Local Security Checks NASL id FEDORA_2020-6C8804DAAA.NASL description This update fixes CVE-2020-6851. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 133426 published 2020-02-03 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/133426 title Fedora 30 : mingw-openjpeg2 / openjpeg2 (2020-6c8804daaa)
Redhat
| advisories |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| rpms |
|
References
- https://github.com/uclouvain/openjpeg/issues/1228
- https://lists.debian.org/debian-lts-announce/2020/01/msg00025.html
- https://access.redhat.com/errata/RHSA-2020:0274
- https://access.redhat.com/errata/RHSA-2020:0262
- https://access.redhat.com/errata/RHSA-2020:0296
- https://lists.debian.org/debian-lts-announce/2020/07/msg00008.html
- https://www.oracle.com/security-alerts/cpujul2020.html
- https://www.debian.org/security/2021/dsa-4882
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XBRMI2D3XPVWKE3V52KRBW7BJVLS5LD3/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LACIIDDCKZJEPKTTFILSOSBQL7L3FC6V/