We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-56826

Openjpeg: heap buffer overflow in bin/common/color.c



Description

A flaw was found in the OpenJPEG project. A heap buffer overflow condition may be triggered when certain options are specified while using the opj_decompress utility. This can lead to an application crash or other undefined behavior.

Reserved 2025-01-01 | Published 2025-01-09 | Updated 2025-01-09 | Assigner redhat


MEDIUM: 5.6CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:H

Problem types

Heap-based Buffer Overflow

Product status

Default status
unknown

Default status
unknown

Default status
unknown

Default status
unknown

Default status
unknown

Default status
affected

Timeline

2025-01-01:Reported to Red Hat.
2024-12-24:Made public.

Credits

Red Hat would like to thank Frank Zeng (Huazhong University of Science and Technology) for reporting this issue.

References

access.redhat.com/security/cve/CVE-2024-56826 vdb-entry

bugzilla.redhat.com/show_bug.cgi?id=2335172 (RHBZ#2335172) issue-tracking

github.com/...ommit/e492644fbded4c820ca55b5e50e598d346e850e8

github.com/uclouvain/openjpeg/issues/1563

cve.org (CVE-2024-56826)

nvd.nist.gov (CVE-2024-56826)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-56826

Support options

Helpdesk Chat, Email, Knowledgebase
Subscribe to our newsletter to learn more about our work.