Wind River Support Network

HomeDefectsLIN9-6317

Fixed

LIN9-6317 : Security Advisory - openjpeg - CVE-2018-5785

Created: Jan 31, 2018 Updated: Dec 23, 2018

Resolved Date: Oct 31, 2018

Found In Version: 9.0.0.13

Fix Version: 9.0.0.19

Severity: Standard

Applicable for: Wind River Linux 9

Component/s: Userspace

Description

In OpenJPEG 2.3.0, there is an integer overflow caused by an out-of-bounds left shift in the opj_j2k_setup_encoder function (openjp2/j2k.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file.

https://nvd.nist.gov/vuln/detail/CVE-2018-5785

Other Downloads

Wind River Linux 9.0.0.19
Wind River Linux 9.0.0.20
Wind River Linux 9.0.0.21
Wind River Linux 9.0.0.22
Wind River Linux 9.0.0.23
Wind River Linux 9.0.0.24
Wind River Linux 9.0.0.25
Wind River Linux 9.0.0.26

CVEs

CVE-2018-5785