CVE-2020-27824 - log back

CVE-2020-27824 edited at 29 Dec 2020 11:18:35
Description
- In openjpeg v2.3.1 and prior, if too many decomposition levels are supplied to the encoder, it could cause a global buffer overflow to out-of-bounds read in the opj_dwt_calc_explicit_stepsizes() function.
+ In OpenJPEG before version 2.4.0, if too many decomposition levels are supplied to the encoder, it could cause a global buffer overflow to out-of-bounds read in the opj_dwt_calc_explicit_stepsizes() function.
CVE-2020-27824 edited at 10 Dec 2020 13:27:51
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Local
Type
- Unknown
+ Denial of service
Description
+ In openjpeg v2.3.1 and prior, if too many decomposition levels are supplied to the encoder, it could cause a global buffer overflow to out-of-bounds read in the opj_dwt_calc_explicit_stepsizes() function.
References
+ https://github.com/uclouvain/openjpeg/issues/1286
+ https://github.com/uclouvain/openjpeg/pull/1292
+ https://github.com/uclouvain/openjpeg/commit/6daf5f3e1ec6eff03b7982889874a3de6617db8d
Notes
CVE-2020-27824 created at 10 Dec 2020 13:20:14