OpenJPEG Vulnerability Leads to Terminal Looping
CVE-2023-39327

4.3MEDIUM

Key Information:

Vendor: Red Hat
Status: Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7; Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 9
Vendor: CVE Published:; 13 July 2024

Summary

A vulnerability exists within the OpenJPEG library that can be exploited through specially crafted images. When such images are processed, the library may enter an infinite loop, resulting in excessive terminal output and potentially leading to resource exhaustion. This behavior can disrupt normal operations and diminish the availability of applications relying on the OpenJPEG library.

References

https://access.redhat.com/security/cve/CVE-2023-39327

vdb-entryx_refsource_REDHAT

https://bugzilla.redhat.com/show_bug.cgi?id=2295812

issue-trackingx_refsource_REDHAT

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jul 13, 2024