In OpenJPEG 2.3.1, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. This issue is similar to CVE-2018-6616.
The product performs an iteration or loop without sufficiently limiting the number of times that the loop is executed.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Openjpeg | Uclouvain | 2.3.1 (including) | 2.3.1 (including) |
| Blender | Ubuntu | bionic | * |
| Blender | Ubuntu | cosmic | * |
| Blender | Ubuntu | disco | * |
| Blender | Ubuntu | eoan | * |
| Blender | Ubuntu | groovy | * |
| Blender | Ubuntu | hirsute | * |
| Blender | Ubuntu | impish | * |
| Blender | Ubuntu | kinetic | * |
| Blender | Ubuntu | lunar | * |
| Blender | Ubuntu | mantic | * |
| Blender | Ubuntu | trusty | * |
| Blender | Ubuntu | xenial | * |
| Emscripten | Ubuntu | bionic | * |
| Emscripten | Ubuntu | cosmic | * |
| Emscripten | Ubuntu | devel | * |
| Emscripten | Ubuntu | disco | * |
| Emscripten | Ubuntu | eoan | * |
| Emscripten | Ubuntu | esm-apps/bionic | * |
| Emscripten | Ubuntu | esm-apps/jammy | * |
| Emscripten | Ubuntu | esm-apps/noble | * |
| Emscripten | Ubuntu | esm-apps/xenial | * |
| Emscripten | Ubuntu | hirsute | * |
| Emscripten | Ubuntu | impish | * |
| Emscripten | Ubuntu | jammy | * |
| Emscripten | Ubuntu | kinetic | * |
| Emscripten | Ubuntu | lunar | * |
| Emscripten | Ubuntu | mantic | * |
| Emscripten | Ubuntu | noble | * |
| Emscripten | Ubuntu | oracular | * |
| Emscripten | Ubuntu | trusty | * |
| Emscripten | Ubuntu | xenial | * |
| Gdcm | Ubuntu | cosmic | * |
| Gdcm | Ubuntu | trusty | * |
| Ghostscript | Ubuntu | trusty | * |
| Insighttoolkit4 | Ubuntu | bionic | * |
| Insighttoolkit4 | Ubuntu | cosmic | * |
| Insighttoolkit4 | Ubuntu | disco | * |
| Insighttoolkit4 | Ubuntu | eoan | * |
| Insighttoolkit4 | Ubuntu | groovy | * |
| Insighttoolkit4 | Ubuntu | hirsute | * |
| Insighttoolkit4 | Ubuntu | impish | * |
| Insighttoolkit4 | Ubuntu | kinetic | * |
| Insighttoolkit4 | Ubuntu | lunar | * |
| Insighttoolkit4 | Ubuntu | trusty | * |
| Insighttoolkit4 | Ubuntu | xenial | * |
| Openjpeg2 | Ubuntu | bionic | * |
| Openjpeg2 | Ubuntu | cosmic | * |
| Openjpeg2 | Ubuntu | devel | * |
| Openjpeg2 | Ubuntu | disco | * |
| Openjpeg2 | Ubuntu | eoan | * |
| Openjpeg2 | Ubuntu | esm-apps/bionic | * |
| Openjpeg2 | Ubuntu | focal | * |
| Openjpeg2 | Ubuntu | groovy | * |
| Openjpeg2 | Ubuntu | hirsute | * |
| Openjpeg2 | Ubuntu | impish | * |
| Openjpeg2 | Ubuntu | jammy | * |
| Openjpeg2 | Ubuntu | kinetic | * |
| Openjpeg2 | Ubuntu | lunar | * |
| Openjpeg2 | Ubuntu | mantic | * |
| Openjpeg2 | Ubuntu | noble | * |
| Openjpeg2 | Ubuntu | oracular | * |
| Openjpeg2 | Ubuntu | trusty | * |
| Openjpeg2 | Ubuntu | upstream | * |
| Openjpeg2 | Ubuntu | xenial | * |
| Qtwebengine-opensource-src | Ubuntu | bionic | * |
| Qtwebengine-opensource-src | Ubuntu | cosmic | * |
| Qtwebengine-opensource-src | Ubuntu | disco | * |
| Qtwebengine-opensource-src | Ubuntu | eoan | * |
| Qtwebengine-opensource-src | Ubuntu | groovy | * |
| Qtwebengine-opensource-src | Ubuntu | hirsute | * |
| Qtwebengine-opensource-src | Ubuntu | impish | * |
| Qtwebengine-opensource-src | Ubuntu | kinetic | * |
| Qtwebengine-opensource-src | Ubuntu | lunar | * |
| Qtwebengine-opensource-src | Ubuntu | mantic | * |
| Texmaker | Ubuntu | bionic | * |
| Texmaker | Ubuntu | cosmic | * |
| Texmaker | Ubuntu | disco | * |
| Texmaker | Ubuntu | eoan | * |
| Texmaker | Ubuntu | groovy | * |
| Texmaker | Ubuntu | hirsute | * |
| Texmaker | Ubuntu | impish | * |
| Texmaker | Ubuntu | kinetic | * |
| Texmaker | Ubuntu | lunar | * |
| Texmaker | Ubuntu | mantic | * |
| Texmaker | Ubuntu | trusty | * |
| Texmaker | Ubuntu | xenial | * |
| Red Hat Enterprise Linux 8 | RedHat | openjpeg2-0:2.4.0-4.el8 | * |