CVE-2016-9572

Published: 01 August 2018

A NULL pointer dereference flaw was found in the way openjpeg 2.1.2 decoded certain input images. Due to a logic error in the code responsible for decoding the input image, an application using openjpeg to process image data could crash when processing a crafted image.

Priority

Medium

CVSS 3 base score: 6.5

Status

Package Release Status
openjpeg2
Launchpad, Ubuntu, Debian
Upstream
Released (2.2.0)
Ubuntu 18.04 LTS (Bionic Beaver) Not vulnerable
(2.1.2-1.1)
Ubuntu 16.04 ESM (Xenial Xerus)
Released (2.1.2-1.1+deb9u2build0.1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist