Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 16 Jan 2017 19:11:33 -0500
From: <cve-assign@...re.org>
To: <ago@...too.org>
CC: <cve-assign@...re.org>, <oss-security@...ts.openwall.com>
Subject: Re: jasper: invalid memory read in jas_matrix_asl (jas_seq.c)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> [] https://blogs.gentoo.org/ago/2017/01/16/jasper-invalid-memory-read-in-jas_matrix_asl-jas_seq-c
> 
> AddressSanitizer: SEGV on unknown address
> The signal is caused by a READ memory access.
> 
> jas_matrix_asl ... jasper-1.900.27/src/libjasper/base/jas_seq.c:376:11

Use CVE-2017-5505.


- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJYfV+YAAoJEHb/MwWLVhi2JbMQAKJyXcljg++i7XUckrbXk7aw
rtgu6dCKSX2Vuaj1A16M0z4axW5rBztxCIKYW8YsB9h5WtQaEmN2S5yVHvnWZXAm
/FYxaAWXsGKBEpL/V/MH7xbcBgoqgwDhV4RqS/qdJqesftimzep8DN0Ko88ix2Qd
Sqbn0YpPEIj/BeWib7Sji7wX/9a615hL4wdEK2GmmFOUeWSIyVUEL42aGxNlWSe1
FLNg3/YC+LV+8XSB2HKg2gAKtQICj0ZBQAiJRJqAtSWrKCdc8wrVHRZfX9eSuPdp
1YiCiNoQu6yQTopiWPY8HzILhMIg9Ao0gQVplHt1Uwqmke37oQTO+rzPQ1bY8R8m
i/3HqRMmMh8DYPtYd09GZ5YERvuGXC6I46hQNFL1aTK71tMJjHwoypO+1Zh50wkZ
uv9+tYu2uFm4FSk/ngaxphfqqr/Kchuni5xU7IVGRgyE6I7akMK3+lBrff1ppFYN
cewXe3/Kb7SpudiEKRPfhLMSf9xbwt9p6k/osc5KUYfNpH9hSC5+DzTuZeBvuo9z
dCD7LN6HeYRYLtw8z7gvCykQo1ij2j51n4C7gYo9Ju7qElceEskHjNhx9En52vxd
TqJ5ru/07S60soE1aOHBQW+262Kr6/0BmbJrQe/DEeDkPczO4GfX1vHZ205yyyyf
ODkC2oAB3jzKmXez32l1
=w95I
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ