An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function jp2decode in libjasper/jp2/jp2dec.c, leading to a denial of service.
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "binary_version": "1.900.1-debian1-2.4ubuntu1.3", "binary_name": "libjasper-dev" }, { "binary_version": "1.900.1-debian1-2.4ubuntu1.3", "binary_name": "libjasper-runtime" }, { "binary_version": "1.900.1-debian1-2.4ubuntu1.3", "binary_name": "libjasper-runtime-dbgsym" }, { "binary_version": "1.900.1-debian1-2.4ubuntu1.3", "binary_name": "libjasper1" }, { "binary_version": "1.900.1-debian1-2.4ubuntu1.3", "binary_name": "libjasper1-dbgsym" } ] }