PT-2025-3336 · Openjpeg+9 · Openjpeg+9

Frank-Z7

Published

2025-01-02

Updated

2025-07-08

CVE-2024-56826

CVSS v3.1

5.6

Medium

Vector

AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:H

Name of the Vulnerable Software and Affected Versions OpenJPEG project (affected versions not specified)

Description A flaw was found in the OpenJPEG project, where a heap buffer overflow condition may be triggered when certain options are specified while using the opj decompress utility. This can lead to an application crash or other undefined behavior.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Heap Based Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-122

Related Identifiers

ALSA-2025:7309

AZL-55450

AZL-55454

BDU:2025-03457

CVE-2024-56826

DLA-4107-1

DSA-5851-1

INFSA-2025_7309

MGASA-2025-0012

OESA-2025-1031

OPENSUSE-SU-2025:14620-1

OPENSUSE-SU-2025_0044-1

RHSA-2025:7309

RHSA-2025_7309

SUSE-SU-2025:0040-1

SUSE-SU-2025:0044-1

SUSE-SU-2025_0040-1

SUSE-SU-2025_0044-1

USN-7223-1

USN-7623-1

Affected Products

Almalinux

Astra Linux

Debian

Linuxmint

Openjpeg

Red Hat

Red Os

Rocky Linux

Suse

Ubuntu

PT-2025-3336 · Openjpeg+9 · Openjpeg+9

CVE-2024-56826

Weakness Enumeration

Related Identifiers

Affected Products

References · 67