CVE-2021-29338
Published: 14 April 2021
Integer Overflow in OpenJPEG v2.4.0 allows remote attackers to crash the application, causing a Denial of Service (DoS). This occurs when the attacker uses the command line option "-ImgDir" on a directory that contains 1048576 files.
Notes
| Author | Note |
|---|---|
| iconstantin | ghostscript 9.26~dfsg+0-0ubuntu0.16.04.14+esm2 for xenial was released to address this CVE but it was thereafter determined that the impacted code is not compiled and so the package is not vulnerable. still need to verify if commits from PR 1397 and 1398 should be included as part of our patch. |
| sbeattie | fix is being worked in pull request 1346. |
| mdeslaur | this only affects the opj_* tools in the liopenjp2-tools universe package |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
blender Launchpad, Ubuntu, Debian |
jammy |
Needed
|
| impish |
Ignored
(end of life)
|
|
| kinetic |
Ignored
(end of life, was needed)
|
|
| bionic |
Needed
|
|
| focal |
Needed
|
|
| hirsute |
Ignored
(end of life)
|
|
| trusty |
Does not exist
|
|
| upstream |
Needs triage
|
|
| xenial |
Deferred
(2022-01-05)
|
|
| groovy |
Ignored
(end of life)
|
|
| lunar |
Needed
|
|
| mantic |
Needed
|
|
|
ghostscript Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(code not compiled)
|
| focal |
Not vulnerable
(uses system openjpeg2)
|
|
| groovy |
Not vulnerable
(uses system openjpeg2)
|
|
| hirsute |
Not vulnerable
(uses system openjpeg2)
|
|
| jammy |
Not vulnerable
(uses system openjpeg2)
|
|
| kinetic |
Not vulnerable
(uses system openjpeg2)
|
|
| trusty |
Does not exist
|
|
| upstream |
Needs triage
|
|
| xenial |
Not vulnerable
(code not compiled)
|
|
| impish |
Not vulnerable
(uses system openjpeg2)
|
|
| lunar |
Not vulnerable
(uses system openjpeg2)
|
|
| mantic |
Not vulnerable
(uses system openjpeg2)
|
|
|
insighttoolkit4 Launchpad, Ubuntu, Debian |
bionic |
Needed
|
| focal |
Needed
|
|
| groovy |
Ignored
(end of life)
|
|
| hirsute |
Ignored
(end of life)
|
|
| jammy |
Needed
|
|
| trusty |
Does not exist
|
|
| upstream |
Needs triage
|
|
| xenial |
Deferred
(2022-01-05)
|
|
| impish |
Ignored
(end of life)
|
|
| kinetic |
Ignored
(end of life, was needed)
|
|
| lunar |
Needed
|
|
| mantic |
Does not exist
|
|
|
openjpeg Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Not vulnerable
(code not present)
|
|
| upstream |
Needs triage
|
|
| xenial |
Not vulnerable
(code not present)
|
|
| impish |
Does not exist
|
|
| lunar |
Does not exist
|
|
| mantic |
Does not exist
|
|
|
openjpeg2 Launchpad, Ubuntu, Debian |
jammy |
Needed
|
| trusty |
Does not exist
|
|
| upstream |
Released
(2.5.0)
|
|
| impish |
Ignored
(end of life)
|
|
| kinetic |
Ignored
(end of life, was needed)
|
|
| bionic |
Needed
|
|
| focal |
Needed
|
|
| groovy |
Ignored
(end of life)
|
|
| hirsute |
Ignored
(end of life)
|
|
| xenial |
Deferred
(2022-01-05)
|
|
| lunar |
Needed
|
|
| mantic |
Not vulnerable
(2.5.0-1build1)
|
|
|
Patches: upstream: https://github.com/uclouvain/openjpeg/commit/79c7d7af598b778c3cdcb455df23d50efc95eb3c upstream: https://github.com/uclouvain/openjpeg/commit/1daaa0b909aebdf71be36238d16dfbec83c494ed |
||
| Binaries built from this source package are in Universe and so are supported by the community. | ||
|
qtwebengine-opensource-src Launchpad, Ubuntu, Debian |
bionic |
Needed
|
| focal |
Needed
|
|
| groovy |
Ignored
(end of life)
|
|
| hirsute |
Ignored
(end of life)
|
|
| impish |
Ignored
(end of life)
|
|
| jammy |
Needed
|
|
| trusty |
Does not exist
|
|
| upstream |
Needs triage
|
|
| xenial |
Does not exist
|
|
| kinetic |
Ignored
(end of life, was needed)
|
|
| lunar |
Needed
|
|
| mantic |
Needed
|
|
|
texmaker Launchpad, Ubuntu, Debian |
bionic |
Needed
|
| focal |
Needed
|
|
| groovy |
Ignored
(end of life)
|
|
| hirsute |
Ignored
(end of life)
|
|
| impish |
Ignored
(end of life)
|
|
| jammy |
Needed
|
|
| trusty |
Does not exist
|
|
| upstream |
Needs triage
|
|
| xenial |
Deferred
(2022-01-05)
|
|
| kinetic |
Ignored
(end of life, was needed)
|
|
| lunar |
Needed
|
|
| mantic |
Needed
|
|
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 5.5 |
| Attack vector | Local |
| Attack complexity | Low |
| Privileges required | None |
| User interaction | Required |
| Scope | Unchanged |
| Confidentiality | None |
| Integrity impact | None |
| Availability impact | High |
| Vector | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29338
- https://github.com/uclouvain/openjpeg/pull/1346
- https://github.com/uclouvain/openjpeg/pull/1395
- https://github.com/uclouvain/openjpeg/pull/1396
- https://github.com/uclouvain/openjpeg/pull/1397
- https://github.com/uclouvain/openjpeg/pull/1398
- NVD
- Launchpad
- Debian