CVE-2021-36089

Published: 01 July 2021

Grok 7.6.6 through 9.2.0 has a heap-based buffer overflow in grk::FileFormatDecompress::apply_palette_clr (called from grk::FileFormatDecompress::applyColour).

Priority

Medium

CVSS 3 base score: 7.8

Status

Package Release Status
libgrokj2k
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 21.04 (Hirsute Hippo) Needed

Ubuntu 20.04 LTS (Focal Fossa) Does not exist

Ubuntu 18.04 LTS (Bionic Beaver) Does not exist

Ubuntu 16.04 ESM (Xenial Xerus) Ignored
(out of standard support)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist