SB2017030121 - Multiple vulnerabilities in JasPer
Published: March 1, 2017 Updated: March 13, 2024
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 7 secuirty vulnerabilities.
1) Reachable Assertion (CVE-ID: CVE-2016-9393)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attacks.
The vulnerability exists due to reachable assertion in jpc_pi_nextrpcl function in jpc_t2cod.c in JasPer before 1.900.17. A remote attacker can perform a denial of service (DoS) attack via a crafted file.
2) Input validation error (CVE-ID: CVE-2017-5498)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
libjasper/include/jasper/jas_math.h in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value.
3) Integer overflow (CVE-ID: CVE-2017-5499)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
Integer overflow in libjasper/jpc/jpc_dec.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via a crafted file.
4) Input validation error (CVE-ID: CVE-2017-5500)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
libjasper/jpc/jpc_dec.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value.
5) Integer overflow (CVE-ID: CVE-2017-5501)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
Integer overflow in libjasper/jpc/jpc_tsfb.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via a crafted file.
6) Input validation error (CVE-ID: CVE-2017-5502)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
libjasper/jp2/jp2_dec.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value.
7) Out-of-bounds read (CVE-ID: CVE-2017-5504)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The jpc_undo_roi function in libjasper/jpc/jpc_dec.c in JasPer 1.900.27 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted image.
Remediation
Install update from vendor's website.
References
- http://www.openwall.com/lists/oss-security/2016/11/17/1
- http://www.securityfocus.com/bid/94377
- https://access.redhat.com/errata/RHSA-2017:1208
- https://blogs.gentoo.org/ago/2016/11/16/jasper-multiple-assertion-failure
- https://bugzilla.redhat.com/show_bug.cgi?id=1396972
- https://github.com/mdadams/jasper/commit/f7038068550fba0e41e1d0c355787f1dcd5bf330
- https://usn.ubuntu.com/3693-1/
- http://www.securityfocus.com/bid/95666
- https://blogs.gentoo.org/ago/2017/01/16/jasper-multiple-crashes-with-ubsan/
- http://www.securityfocus.com/bid/95682
- https://blogs.gentoo.org/ago/2017/01/16/jasper-invalid-memory-read-in-jpc_undo_roi-jpc_dec-c/
- https://security.gentoo.org/glsa/201908-03