REDHAT-BUG-2295816: Medium severity OpenJPEG vulnerability
In OpenJPEG, resource exhaustion can occur in the opj_t1_decode_cblks function in tcd.c when processing a crafted image file, causing a denial of service.
References:
https://github.com/uclouvain/openjpeg/issues/1474
Frequently Asked Questions
What is the severity of REDHAT-BUG-2295816?
REDHAT-BUG-2295816 is rated medium severity. It is a denial of service vulnerability caused by resource exhaustion in the OpenJPEG library.
How do I fix REDHAT-BUG-2295816?
To mitigate REDHAT-BUG-2295816, update to the latest version of the OpenJPEG library provided by UCLouvain.
What causes the vulnerability identified by REDHAT-BUG-2295816?
The vulnerability REDHAT-BUG-2295816 is triggered by processing a crafted image file that causes resource exhaustion.
Which software is affected by REDHAT-BUG-2295816?
The vulnerable software associated with REDHAT-BUG-2295816 is the UCLouvain OpenJPEG library.
Can REDHAT-BUG-2295816 be exploited remotely?
Yes, REDHAT-BUG-2295816 can potentially be exploited remotely if an attacker can deliver a crafted image file to the vulnerable system.