Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Mon, 18 Jan 2016 13:49:59 -0500 (EST)
From: cve-assign@...re.org
To: limingxing@....cn
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: Out-of-bounds Read in the OpenJpeg's opj_j2k_update_image_data and opj_tgt_reset function

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> opj_j2k_update_image_data
> AddressSanitizer: heap-buffer-overflow
> READ of size 4

Use CVE-2016-1923.


> opj_tgt_reset
> AddressSanitizer: SEGV on unknown address

Use CVE-2016-1924.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJWnTLyAAoJEL54rhJi8gl5TpEP/2nGFLYuk37FXlViClyDElMB
c03MAy9ToQjW1iLnnRNoLn9nqO15yvxLu28l0hzXnag01v9xaOy4Z8TJWRvXqB3V
Jn4SU3xD7mnaHbzo0ObU1ywWvXaA3TVbFMmGu2Y4uFDW7/B/ZZFacYwAfT930mg/
pUWsO8i9QS+7wA899E9RjeewTtskyKXLXXlNaATJEl2hjG8flXUCdB3KN4dsTHl4
wNX+MWm9NwsSxyMG+3Uj4o6Ec5nhNeF5qqSYuPJtQQOcZZEHR1/sa7mq/7WO60Gx
ChRoKx2shlKxq8nUkMgDyKIbmXY2l6Lj9y9VyrwnOs7cimqh6F3MoZZ082JMjYX9
5NRVu3U7eFL3iDkDVKrUto3OiUHCDM7hyLEquFsU3DfcWEXGZC2DH27CjonuA/qV
VcKrlcB0WH1don4JoBiOh+2keu6Jt9W+W5PEDTjvu1BI2yqaZO+NCsjciNJ1Aiis
V/ly2mAp/tFpuAJCXWMGBKCCsyzgUcHnUBrKi2xHnY9sXzBUJ1ppO+n+ZI0anO7B
U70ekz7IvDK2L9YbxP673hTgCst2WM9o+c1GeCSacYL5gB0xMwXRQvKwYgDlVu4c
A1as0YquprR0pMpjeKlqyilnIRJAzK20tUIfUoSjqjopKZFWrcbInpWqjFUyoSoI
gcc50NDQB0Wxi2hfVDxk
=TVQP
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ