CVE-2020-27814
Published: 30 November 2020
A heap-buffer overflow was found in the way openjpeg2 handled certain PNG format files. An attacker could use this flaw to cause an application crash or in some cases execute arbitrary code with the permission of the user running such an application.
Notes
| Author | Note |
|---|---|
| mdeslaur | check bug to see if there are more commits before fixing |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
blender Launchpad, Ubuntu, Debian |
impish |
Not vulnerable
|
| bionic |
Not vulnerable
|
|
| jammy |
Not vulnerable
|
|
| kinetic |
Not vulnerable
|
|
| focal |
Not vulnerable
|
|
| groovy |
Not vulnerable
|
|
| hirsute |
Not vulnerable
|
|
| lunar |
Not vulnerable
|
|
| trusty |
Does not exist
|
|
| upstream |
Needs triage
|
|
| xenial |
Not vulnerable
|
|
| mantic |
Not vulnerable
|
|
|
ghostscript Launchpad, Ubuntu, Debian |
impish |
Not vulnerable
(uses system openjpeg2)
|
| focal |
Not vulnerable
(uses system openjpeg2)
|
|
| groovy |
Not vulnerable
(uses system openjpeg2)
|
|
| hirsute |
Not vulnerable
(uses system openjpeg2)
|
|
| trusty |
Does not exist
|
|
| upstream |
Needs triage
|
|
| bionic |
Released
(9.26~dfsg+0-0ubuntu0.18.04.14)
|
|
| xenial |
Released
(9.26~dfsg+0-0ubuntu0.16.04.14)
|
|
| jammy |
Not vulnerable
(uses system openjpeg2)
|
|
| kinetic |
Not vulnerable
(uses system openjpeg2)
|
|
| lunar |
Not vulnerable
(uses system openjpeg2)
|
|
| mantic |
Not vulnerable
(uses system openjpeg2)
|
|
|
insighttoolkit4 Launchpad, Ubuntu, Debian |
impish |
Not vulnerable
(code not present)
|
| bionic |
Not vulnerable
(code not present)
|
|
| jammy |
Not vulnerable
(code not present)
|
|
| kinetic |
Not vulnerable
(code not present)
|
|
| focal |
Not vulnerable
(code not present)
|
|
| groovy |
Not vulnerable
(code not present)
|
|
| hirsute |
Not vulnerable
(code not present)
|
|
| lunar |
Not vulnerable
(code not present)
|
|
| trusty |
Does not exist
|
|
| upstream |
Not vulnerable
(code not present)
|
|
| xenial |
Not vulnerable
(code not present)
|
|
| mantic |
Does not exist
|
|
|
openjpeg Launchpad, Ubuntu, Debian |
impish |
Does not exist
|
| bionic |
Does not exist
|
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| upstream |
Needs triage
|
|
| jammy |
Does not exist
|
|
| trusty |
Not vulnerable
(code not present)
|
|
| xenial |
Not vulnerable
(code not present)
|
|
| kinetic |
Does not exist
|
|
| lunar |
Does not exist
|
|
| mantic |
Does not exist
|
|
|
openjpeg2 Launchpad, Ubuntu, Debian |
impish |
Released
(2.3.1-1ubuntu5)
|
| trusty |
Does not exist
|
|
| focal |
Released
(2.3.1-1ubuntu4.20.04.1)
|
|
| groovy |
Released
(2.3.1-1ubuntu4.20.10.1)
|
|
| hirsute |
Released
(2.3.1-1ubuntu5)
|
|
| jammy |
Released
(2.3.1-1ubuntu5)
|
|
| kinetic |
Released
(2.3.1-1ubuntu5)
|
|
| upstream |
Released
(2.4.0)
|
|
| bionic |
Released
(2.3.0-2+deb10u2build0.18.04.1)
|
|
| lunar |
Released
(2.3.1-1ubuntu5)
|
|
| xenial |
Released
(2.1.2-1.1+deb9u6build0.16.04.1)
|
|
| mantic |
Released
(2.3.1-1ubuntu5)
|
|
|
Patches: upstream: https://github.com/uclouvain/openjpeg/commit/eaa098b59b346cb88e4d10d505061f669d7134fc upstream: https://github.com/uclouvain/openjpeg/commit/15cf3d95814dc931ca0ecb132f81cb152e051bae upstream: https://github.com/uclouvain/openjpeg/commit/649298dcf84b2f20cfe458d887c1591db47372a6 upstream: https://github.com/uclouvain/openjpeg/commit/4ce7d285a55d29b79880d0566d4b010fe1907aa9 |
||
|
texmaker Launchpad, Ubuntu, Debian |
impish |
Not vulnerable
|
| groovy |
Not vulnerable
|
|
| hirsute |
Not vulnerable
|
|
| jammy |
Not vulnerable
|
|
| kinetic |
Not vulnerable
|
|
| bionic |
Not vulnerable
|
|
| focal |
Not vulnerable
|
|
| lunar |
Not vulnerable
|
|
| trusty |
Does not exist
|
|
| upstream |
Needs triage
|
|
| xenial |
Not vulnerable
|
|
| mantic |
Not vulnerable
|
|
|
qtwebengine-opensource-src Launchpad, Ubuntu, Debian |
kinetic |
Ignored
(end of life, was needed)
|
| jammy |
Needed
|
|
| impish |
Ignored
(end of life)
|
|
| bionic |
Not vulnerable
|
|
| focal |
Needed
|
|
| groovy |
Ignored
(end of life)
|
|
| hirsute |
Ignored
(end of life)
|
|
| lunar |
Needed
|
|
| trusty |
Does not exist
|
|
| upstream |
Needs triage
|
|
| xenial |
Does not exist
|
|
| mantic |
Needed
|
|
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 7.8 |
| Attack vector | Local |
| Attack complexity | Low |
| Privileges required | None |
| User interaction | Required |
| Scope | Unchanged |
| Confidentiality | High |
| Integrity impact | High |
| Availability impact | High |
| Vector | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |