VDB

GCVE-110-MAGEIA-2022-129

GCVE-110-MAGEIA-2022-129
Advisory Published
Vulnetix · Advisory published April 2, 2022
A flaw was found in the opj2_decompress program in openjpeg2 2.4.0 in the way it handles an input directory with a large number of files. When it fails to allocate a buffer to store the filenames of the input directory, it calls free() on an uninitialized pointer, leading to a segmentation fault and a denial of service. (CVE-2022-1122)

Affected Products

VendorProductVersionsPlatforms
Mageiaopenjpeg22.4.0-1.3.mga8 (unaffected), 0 (affected), 2.4.0-1.3.mga8 (unaffected), 0 (affected)
Mageiaspyder0 (affected), 4.2.1-1.4.mga8 (unaffected)
Mageiapython-pyls-spyder0 (affected), 0.3.2-1.mga8 (unaffected)
Mageiapython-language-server0 (affected), 0.36.2-1.1.mga8 (unaffected)

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›