jp2_decode in jp2/jp2_dec.c in libjasper in JasPer 2.0.24 has a heap-based buffer over-read when there is an invalid relationship between the number of channels and the number of image components.

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:4235 advisory.

  - There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an     attacker could cause an arbitrary out-of-bounds write. This could potentially affect data confidentiality,     integrity, or application availability. (CVE-2020-27828)

  - A flaw was found in jasper before 2.0.25. An out of bounds read issue was found in jp2_decode function     whic may lead to disclosure of information or program crash. (CVE-2021-26926)

  - A flaw was found in jasper before 2.0.25. A null pointer dereference in jp2_decode in jp2_dec.c may lead     to program crash and denial of service. (CVE-2021-26927)

  - jp2_decode in jp2/jp2_dec.c in libjasper in JasPer 2.0.24 has a heap-based buffer over-read when there is     an invalid relationship between the number of channels and the number of image components. (CVE-2021-3272)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of jasper installed on the remote host is prior to 1.900.1-21.12. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1733 advisory.

  - There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an     attacker could cause an arbitrary out-of-bounds write. This could potentially affect data confidentiality,     integrity, or application availability. (CVE-2020-27828)

  - A flaw was found in jasper before 2.0.25. An out of bounds read issue was found in jp2_decode function     whic may lead to disclosure of information or program crash. (CVE-2021-26926)

  - A flaw was found in jasper before 2.0.25. A null pointer dereference in jp2_decode in jp2_dec.c may lead     to program crash and denial of service. (CVE-2021-26927)

  - jp2_decode in jp2/jp2_dec.c in libjasper in JasPer 2.0.24 has a heap-based buffer over-read when there is     an invalid relationship between the number of channels and the number of image components. (CVE-2021-3272)

  - A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.27 handled component     references in the JP2 image format decoder. A specially crafted JP2 image file could cause an application     using the Jasper library to crash when opened. (CVE-2021-3443)

  - A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.26 handled component     references in CDEF box in the JP2 image format decoder. A specially crafted JP2 image file could cause an     application using the Jasper library to crash when opened. (CVE-2021-3467)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of jasper installed on the remote host is prior to 1.900.1-33. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2018 advisory.

  - There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an     attacker could cause an arbitrary out-of-bounds write. This could potentially affect data confidentiality,     integrity, or application availability. (CVE-2020-27828)

  - A flaw was found in jasper before 2.0.25. An out of bounds read issue was found in jp2_decode function     whic may lead to disclosure of information or program crash. (CVE-2021-26926)

  - A flaw was found in jasper before 2.0.25. A null pointer dereference in jp2_decode in jp2_dec.c may lead     to program crash and denial of service. (CVE-2021-26927)

  - jp2_decode in jp2/jp2_dec.c in libjasper in JasPer 2.0.24 has a heap-based buffer over-read when there is     an invalid relationship between the number of channels and the number of image components. (CVE-2021-3272)

  - A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.27 handled component     references in the JP2 image format decoder. A specially crafted JP2 image file could cause an application     using the Jasper library to crash when opened. (CVE-2021-3443)

  - A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.26 handled component     references in CDEF box in the JP2 image format decoder. A specially crafted JP2 image file could cause an     application using the Jasper library to crash when opened. (CVE-2021-3467)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote NewStart CGSL host, running version MAIN 6.02, has jasper packages installed that are affected by multiple vulnerabilities:

  - There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an     attacker could cause an arbitrary out-of-bounds write. This could potentially affect data confidentiality,     integrity, or application availability. (CVE-2020-27828)

  - A flaw was found in jasper before 2.0.25. An out of bounds read issue was found in jp2_decode function     whic may lead to disclosure of information or program crash. (CVE-2021-26926)

  - A flaw was found in jasper before 2.0.25. A null pointer dereference in jp2_decode in jp2_dec.c may lead     to program crash and denial of service. (CVE-2021-26927)

  - jp2_decode in jp2/jp2_dec.c in libjasper in JasPer 2.0.24 has a heap-based buffer over-read when there is     an invalid relationship between the number of channels and the number of image components. (CVE-2021-3272)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:4235 advisory.

  - There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an     attacker could cause an arbitrary out-of-bounds write. This could potentially affect data confidentiality,     integrity, or application availability. (CVE-2020-27828)

  - jp2_decode in jp2/jp2_dec.c in libjasper in JasPer 2.0.24 has a heap-based buffer over-read when there is     an invalid relationship between the number of channels and the number of image components. (CVE-2021-3272)

  - A flaw was found in jasper before 2.0.25. An out of bounds read issue was found in jp2_decode function     whic may lead to disclosure of information or program crash. (CVE-2021-26926)

  - A flaw was found in jasper before 2.0.25. A null pointer dereference in jp2_decode in jp2_dec.c may lead     to program crash and denial of service. (CVE-2021-26927)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-4235 advisory.

  - jp2_decode in jp2/jp2_dec.c in libjasper in JasPer 2.0.24 has a heap-based buffer over-read when there is     an invalid relationship between the number of channels and the number of image components. (CVE-2021-3272)

  - A flaw was found in jasper before 2.0.25. A null pointer dereference in jp2_decode in jp2_dec.c may lead     to program crash and denial of service. (CVE-2021-26927)

  - There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an     attacker could cause an arbitrary out-of-bounds write. This could potentially affect data confidentiality,     integrity, or application availability. (CVE-2020-27828)

  - A flaw was found in jasper before 2.0.25. An out of bounds read issue was found in jp2_decode function     whic may lead to disclosure of information or program crash. (CVE-2021-26926)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:4235 advisory.

  - jasper: Heap-based buffer overflow in cp_create() in jpc_enc.c (CVE-2020-27828)

  - jasper: Heap-based buffer over-read in jp2_decode() in jp2_dec.c (CVE-2021-3272)

  - jasper: Out of bounds read in jp2_decode() in jp2_dec.c (CVE-2021-26926)

  - jasper: NULL pointer dereference in jp2_decode() in jp2_dec.c (CVE-2021-26927)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:4235 advisory.

  - jasper: Heap-based buffer overflow in cp_create() in jpc_enc.c (CVE-2020-27828)

  - jasper: Out of bounds read in jp2_decode() in jp2_dec.c (CVE-2021-26926)

  - jasper: NULL pointer dereference in jp2_decode() in jp2_dec.c (CVE-2021-26927)

  - jasper: Heap-based buffer over-read in jp2_decode() in jp2_dec.c (CVE-2021-3272)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:14627-1 advisory.

  - There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an     attacker could cause an arbitrary out-of-bounds write. This could potentially affect data confidentiality,     integrity, or application availability. (CVE-2020-27828)

  - jp2_decode in jp2/jp2_dec.c in libjasper in JasPer 2.0.24 has a heap-based buffer over-read when there is     an invalid relationship between the number of channels and the number of image components. (CVE-2021-3272)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

JasPer Releases :

- Fix memory-related bugs in the JPEG-2000 codec resulting from attempting to decode invalid code streams. (#264, #265)

This fix is associated with CVE-2021-26926 and CVE-2021-26927.

- Fix wrong return value under some compilers (#260)

- Fix CVE-2021-3272 heap buffer overflow in jp2_decode (#259)

This update for jasper fixes the following issues :

  - bsc#1179748 CVE-2020-27828: Fix heap overflow by     checking maxrlvls

  - bsc#1181483 CVE-2021-3272: Fix buffer over-read in     jp2_decode

This update was imported from the SUSE:SLE-15:Update update project.

This update for jasper fixes the following issues :

bsc#1179748 CVE-2020-27828: Fix heap overflow by checking maxrlvls

bsc#1181483 CVE-2021-3272: Fix buffer over-read in jp2_decode

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The remote Fedora 32 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2021-b1b17185fc advisory.

  - jp2_decode in jp2/jp2_dec.c in libjasper in JasPer 2.0.24 has a heap-based buffer over-read when there is     an invalid relationship between the number of channels and the number of image components. (CVE-2021-3272)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Fedora 33 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2021-8ecb3686ca advisory.

  - jp2_decode in jp2/jp2_dec.c in libjasper in JasPer 2.0.24 has a heap-based buffer over-read when there is     an invalid relationship between the number of channels and the number of image components. (CVE-2021-3272)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
185007	Rocky Linux 8 : jasper (RLSA-2021:4235)	Nessus	Rocky Linux Local Security Checks	high
174621	Amazon Linux AMI : jasper (ALAS-2023-1733)	Nessus	Amazon Linux Local Security Checks	high
174570	Amazon Linux 2 : jasper (ALAS-2023-2018)	Nessus	Amazon Linux Local Security Checks	high
167462	NewStart CGSL MAIN 6.02 : jasper Multiple Vulnerabilities (NS-SA-2022-0083)	Nessus	NewStart CGSL Local Security Checks	high
157518	AlmaLinux 8 : jasper (ALSA-2021:4235)	Nessus	Alma Linux Local Security Checks	high
155398	Oracle Linux 8 : jasper (ELSA-2021-4235)	Nessus	Oracle Linux Local Security Checks	high
155089	RHEL 8 : jasper (RHSA-2021:4235)	Nessus	Red Hat Local Security Checks	high
155051	CentOS 8 : jasper (CESA-2021:4235)	Nessus	CentOS Local Security Checks	high
150622	SUSE SLES11 Security Update : jasper (SUSE-SU-2021:14627-1)	Nessus	SuSE Local Security Checks	high
147098	FreeBSD : jasper -- multiple vulnerabilities (3a469cbc-7a66-11eb-bd3f-08002728f74c)	Nessus	FreeBSD Local Security Checks	high
146745	openSUSE Security Update : jasper (openSUSE-2021-303)	Nessus	SuSE Local Security Checks	high
146563	SUSE SLES12 Security Update : jasper (SUSE-SU-2021:0489-1)	Nessus	SuSE Local Security Checks	high
146553	SUSE SLED15 / SLES15 Security Update : jasper (SUSE-SU-2021:0488-1)	Nessus	SuSE Local Security Checks	high
146294	Fedora 32 : mingw-jasper (2021-b1b17185fc)	Nessus	Fedora Local Security Checks	medium
146276	Fedora 33 : mingw-jasper (2021-8ecb3686ca)	Nessus	Fedora Local Security Checks	medium

Detections

Analytics

CVE-2021-3272

medium

Tenable Plugins

high

high

high

high

high

high

high

high

high

high

high

high

high

medium

medium