Note:
This project will be discontinued after December 13, 2021. [more]
2018-11-26
An issue was discovered in JasPer 2.0.14. There is a heap-based buffer over-read of size 8 in the function jp2_decode in libjasper/jp2/jp2_dec.c.
| Products | Ubuntu_linux, Debian_linux, Jasper, Linux_enterprise_desktop, Linux_enterprise_server |
| Type | Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) |
| First patch | - None (likely due to unavailable code) |
| Links |
• https://security-tracker.debian.org/tracker/CVE-2018-19543
• https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-19543.html • https://www.suse.com/security/cve/CVE-2018-19543/ • https://github.com/mdadams/jasper/issues/182 |