cve/CVE-2017-12982.md at 9cc2023bd8dbe0ab8c5f051fa9a43f1e04594987

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 02:31:38 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

The bmp_read_info_header function in bin/jp2/convertbmp.c in OpenJPEG 2.2.0 does not reject headers with a zero biBitCount, which allows remote attackers to cause a denial of service (memory allocation failure) in the opj_image_create function in lib/openjp2/image.c, related to the opj_aligned_alloc_n function in opj_malloc.c.

POC

Reference

https://blogs.gentoo.org/ago/2017/08/14/openjpeg-memory-allocation-failure-in-opj_aligned_alloc_n-opj_malloc-c/
https://github.com/uclouvain/openjpeg/issues/983

Github

https://github.com/ICSE2020-MemLock/MemLock_Benchmark
https://github.com/SZU-SE/MemLock_Benchmark
https://github.com/SZU-SE/Uncontrolled-allocation-Fuzzer-TestSuite
https://github.com/tzf-key/MemLock_Benchmark
https://github.com/tzf-omkey/MemLock_Benchmark
https://github.com/wcventure/MemLock_Benchmark

1.2 KiB Raw Blame History

CVE-2017-12982

Description

POC

Reference

Github

1.2 KiB

Raw Blame History