Integer overflow in the jas_matrix_create function in JasPer allows context-dependent attackers to have unspecified impact via a crafted JPEG 2000 image, related to integer multiplication for memory allocation.
https://bugzilla.redhat.com/show_bug.cgi?id=1294039
http://www.openwall.com/lists/oss-security/2016/01/07/10