openSUSE-SU-2019:1315

https://github.com/mdadams/jasper/issues/182

[debian-lts-announce] 20190102 [SECURITY] [DLA 1628-1] jasper security update

The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4688-1 advisory.

  - JasPer 2.0.12 allows remote attackers to cause a denial of service (heap-based buffer over-read and     application crash) via a crafted image, related to the jp2_decode function in libjasper/jp2/jp2_dec.c.
    (CVE-2017-9782)

  - An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function     ras_putdatastd in ras/ras_enc.c. (CVE-2018-18873)

  - An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function jp2_decode     in libjasper/jp2/jp2_dec.c, leading to a denial of service. (CVE-2018-19542)

  - There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an     attacker could cause an arbitrary out-of-bounds write. This could potentially affect data confidentiality,     integrity, or application availability. (CVE-2020-27828)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

According to the versions of the jasker packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities :

  - An issue was discovered in JasPer 2.0.14. There is an     access violation in the function jas_image_readcmpt in     libjasper/base/jas_image.c, leading to a denial of     service.(CVE-2018-19539)

  - An issue was discovered in JasPer 2.0.14. There is a     heap-based buffer overflow of size 1 in the function     jas_icctxtdesc_input in     libjasper/base/jas_icc.c.(CVE-2018-19540)

  - An issue was discovered in JasPer 2.0.14. There is a     NULL pointer dereference in the function jp2_decode in     libjasper/jp2/jp2_dec.c, leading to a denial of     service.(CVE-2018-19542)

  - An issue has been found in JasPer 2.0.14. There is a     memory leak in jas_malloc.c when called from     jpc_unk_getparms in jpc_cs.c.(CVE-2018-19139)

  - An issue was discovered in JasPer 2.0.14. There is a     heap-based buffer over-read of size 8 in the function     jas_image_depalettize in     libjasper/base/jas_image.c.(CVE-2018-19541)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

According to the versions of the jasper package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities :

  - JasPer 2.0.14 allows denial of service via a reachable     assertion in the function jpc_firstone in     libjasper/jpc/jpc_math.c.(CVE-2018-9055)

  - An issue was discovered in JasPer 2.0.14. There is a     NULL pointer dereference in the function jp2_decode in     libjasper/jp2/jp2_dec.c, leading to a denial of     service.(CVE-2018-19542)

  - An issue was discovered in JasPer 2.0.14. There is an     access violation in the function jas_image_readcmpt in     libjasper/base/jas_image.c, leading to a denial of     service.(CVE-2018-19539)

  - JasPer 2.0.13 allows remote attackers to cause a denial     of service (heap-based buffer over-read and application     crash) via a crafted image, related to the     jas_image_ishomosamp function in     libjasper/base/jas_image.c.(CVE-2017-14132)

  - There are lots of memory leaks in JasPer 2.0.12,     triggered in the function jas_strdup() in     base/jas_string.c, that will lead to a remote denial of     service attack.(CVE-2017-13748)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

According to the versions of the jasper package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

  - An issue was discovered in JasPer 2.0.14. There is a     heap-based buffer overflow of size 1 in the function     jas_icctxtdesc_input in     libjasper/base/jas_icc.c.(CVE-2018-19540)

  - An issue was discovered in JasPer 2.0.14. There is a     heap-based buffer over-read of size 8 in the function     jas_image_depalettize in     libjasper/base/jas_image.c.(CVE-2018-19541)

  - An issue was discovered in JasPer 2.0.14. There is a     NULL pointer dereference in the function jp2_decode in     libjasper/jp2/jp2_dec.c, leading to a denial of     service.(CVE-2018-19542)

  - An issue was discovered in JasPer 2.0.14. There is an     access violation in the function jas_image_readcmpt in     libjasper/base/jas_image.c, leading to a denial of     service.(CVE-2018-19539)

  - Heap-based buffer overflow in the jpc_dec_decodepkt     function in jpc_t2dec.c in JasPer 2.0.10 allows remote     attackers to have unspecified impact via a crafted     image.(CVE-2017-6852)

  - JasPer 2.0.14 allows denial of service via a reachable     assertion in the function jpc_firstone in     libjasper/jpc/jpc_math.c.(CVE-2018-9055)

  - The jpc_floorlog2 function in jpc_math.c in JasPer     before 1.900.17 allows remote attackers to cause a     denial of service (assertion failure) via unspecified     vectors.(CVE-2016-9398)

  - There are lots of memory leaks in JasPer 2.0.12,     triggered in the function jas_strdup() in     base/jas_string.c, that will lead to a remote denial of     service attack.(CVE-2017-13748)

  - There is a reachable assertion abort in the function     calcstepsizes() in jpc/jpc_dec.c in JasPer 2.0.12 that     will lead to a remote denial of service     attack.(CVE-2017-13751)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

According to the versions of the jasper package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

  - The jpc_floorlog2 function in jpc_math.c in JasPer     before 1.900.17 allows remote attackers to cause a     denial of service (assertion failure) via unspecified     vectors.(CVE-2016-9398)

  - JasPer 2.0.14 allows denial of service via a reachable     assertion in the function jpc_firstone in     libjasper/jpc/jpc_math.c.(CVE-2018-9055)

  - An issue was discovered in JasPer 2.0.14. There is an     access violation in the function jas_image_readcmpt in     libjasper/base/jas_image.c, leading to a denial of     service.(CVE-2018-19539)

  - An issue was discovered in JasPer 2.0.14. There is a     heap-based buffer overflow of size 1 in the function     jas_icctxtdesc_input in     libjasper/base/jas_icc.c.(CVE-2018-19540)

  - An issue was discovered in JasPer 2.0.14. There is a     heap-based buffer over-read of size 8 in the function     jas_image_depalettize in     libjasper/base/jas_image.c.(CVE-2018-19541)

  - An issue was discovered in JasPer 2.0.14. There is a     NULL pointer dereference in the function jp2_decode in     libjasper/jp2/jp2_dec.c, leading to a denial of     service.(CVE-2018-19542)

  - There are lots of memory leaks in JasPer 2.0.12,     triggered in the function jas_strdup() in     base/jas_string.c, that will lead to a remote denial of     service attack.(CVE-2017-13748)

  - There is a reachable assertion abort in the function     calcstepsizes() in jpc/jpc_dec.c in JasPer 2.0.12 that     will lead to a remote denial of service     attack.(CVE-2017-13751)

  - Heap-based buffer overflow in the jpc_dec_decodepkt     function in jpc_t2dec.c in JasPer 2.0.10 allows remote     attackers to have unspecified impact via a crafted     image.(CVE-2017-6852)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

According to the versions of the jasper package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

  - An issue was discovered in JasPer 2.0.14. There is a     NULL pointer dereference in the function jp2_decode in     libjasper/jp2/jp2_dec.c, leading to a denial of     service.(CVE-2018-19542)

  - An issue was discovered in JasPer 2.0.14. There is an     access violation in the function jas_image_readcmpt in     libjasper/base/jas_image.c, leading to a denial of     service.(CVE-2018-19539)

  - JasPer 2.0.14 allows denial of service via a reachable     assertion in the function jpc_firstone in     libjasper/jpc/jpc_math.c.(CVE-2018-9055)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

This update for jasper fixes the following issues :

Security issues fixed :

CVE-2018-19540: Fixed a heap based overflow in jas_icctxtdesc_input (bsc#1117508).

CVE-2018-19541: Fix heap based overread in jas_image_depalettize (bsc#1117507).

CVE-2018-19542: Fixed a denial of service in jp2_decode (bsc#1117505).

CVE-2018-19539: Fixed a denial of service in jas_image_readcmpt (bsc#1117511).

CVE-2016-9396: Fixed a denial of service in jpc_cox_getcompparms (bsc#1010783).

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

This update for jasper fixes the following issues :

Security issues fixed :

  - CVE-2018-19542: Fixed a denial of service in jp2_decode     (bsc#1117505).

  - CVE-2018-19539: Fixed a denial of service in     jas_image_readcmpt (bsc#1117511).

  - CVE-2016-9396: Fixed a denial of service in     jpc_cox_getcompparms (bsc#1010783).

This update was imported from the SUSE:SLE-15:Update update project.

This update for jasper fixes the following issues :

Security issues fixed :

CVE-2018-19542: Fixed a denial of service in jp2_decode (bsc#1117505).

CVE-2018-19539: Fixed a denial of service in jas_image_readcmpt (bsc#1117511).

CVE-2016-9396: Fixed a denial of service in jpc_cox_getcompparms (bsc#1010783).

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

ID	Name	Product	Family	Severity
144849	Ubuntu 16.04 LTS : JasPer vulnerabilities (USN-4688-1)	Nessus	Ubuntu Local Security Checks	high
144718	EulerOS Virtualization for ARM 64 3.0.2.0 : jasker (EulerOS-SA-2021-1044)	Nessus	Huawei Local Security Checks	high
132807	EulerOS Virtualization for ARM 64 3.0.5.0 : jasper (EulerOS-SA-2020-1053)	Nessus	Huawei Local Security Checks	high
132133	EulerOS 2.0 SP3 : jasper (EulerOS-SA-2019-2598)	Nessus	Huawei Local Security Checks	high
131643	EulerOS 2.0 SP2 : jasper (EulerOS-SA-2019-2490)	Nessus	Huawei Local Security Checks	high
131348	EulerOS 2.0 SP8 : jasper (EulerOS-SA-2019-2282)	Nessus	Huawei Local Security Checks	medium
129553	SUSE SLED12 / SLES12 Security Update : jasper (SUSE-SU-2019:2513-1)	Nessus	SuSE Local Security Checks	high
124584	openSUSE Security Update : jasper (openSUSE-2019-1315)	Nessus	SuSE Local Security Checks	high
124295	SUSE SLED15 / SLES15 Security Update : jasper (SUSE-SU-2019:1018-1)	Nessus	SuSE Local Security Checks	high

CVE-2018-19542

medium

New! CVE Severity Now Using CVSS v3

Description

References

Details

Risk Information

CVSS v2

CVSS v3

Vulnerable Software

Configuration 1

Configuration 2

Configuration 3

Configuration 4

Configuration 5

Tenable Plugins

high

high

high

high

high

medium

high

high

high