CVE-2016-9572

Publication date 1 August 2018

Last updated 24 July 2024


Ubuntu priority

Cvss 3 Severity Score

6.5 · Medium

Score breakdown

A NULL pointer dereference flaw was found in the way openjpeg 2.1.2 decoded certain input images. Due to a logic error in the code responsible for decoding the input image, an application using openjpeg to process image data could crash when processing a crafted image.

Read the notes from the security team

Status

Package Ubuntu Release Status
openjpeg 22.10 kinetic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Not in release
19.04 disco Not in release
18.10 cosmic Not in release
18.04 LTS bionic Not in release
17.10 artful Not in release
16.04 LTS xenial Ignored changes too intrusive
14.04 LTS trusty Ignored end of ESM support, was ignored [changes too intrusive]
openjpeg2 22.10 kinetic
Not affected
22.04 LTS jammy
Not affected
20.04 LTS focal
Not affected
18.04 LTS bionic
Not affected
17.10 artful Ignored end of life
17.04 zesty Ignored end of life
16.10 yakkety Ignored end of life
16.04 LTS xenial
Fixed 2.1.2-1.1+deb9u2build0.1
14.04 LTS trusty Not in release
12.04 LTS precise Not in release

Notes


ccdm94

It seems like commit a817832c223 (szukw000:AFL_PATCH_0) was the final commit created by a contributor in order to fix this issue. This commit contains the changes in commit 7b28bd2b723 (szukw000:863-862) which originally attempts to fix this issue. Commit a817832c223 (pull request 895 for more information) contains the changes in commit 7b28bd2b723, which fixes more than just this issue. Commit a817832c223 was never merged, however, and instead, was broken down into various other commits by upstream, and those were merged instead. These commits are the following: 178194c0934, 6c4e5bacb9d, 820fcfe8bb1, e03e9474667, c5bf5ef4d65 and 16aeb9282f6, which are all referenced in pull request 895 (not merged, but the previously mentioned commits reference this PR and therefore their links can be accessed through it). Parts of commit a817832c223 have also been refactored and added to commit 0394f8d0f1c, which was actually merged. This commit might also contain changes which contribute to fixing this issue. However, do note that this last commit introduced regressions, and further changes had to be made in order to fix those. More can be seen in pull request 975. The patches that fix this issue are also related to CVE-2016-9580 and CVE-2016-9581.


eslerm

a non-upstream patch had previously been applied to openjpeg2


eslerm

CVE-2016-{9572,9580,9581} use the same patch set CVE-2016-911{3..8} apply merge 0394f8d and commited afterwards

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package Patch details
openjpeg
openjpeg2

Severity score breakdown

Parameter Value
Base score 6.5 · Medium
Attack vector Network
Attack complexity Low
Privileges required None
User interaction Required
Scope Unchanged
Confidentiality None
Integrity impact None
Availability impact High
Vector CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H