ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2020.0307
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2020-0307)
Resumen:	The remote host is missing an update for the 'openjpeg2' package(s) announced via the MGASA-2020-0307 advisory.
Descripción:	Summary: The remote host is missing an update for the 'openjpeg2' package(s) announced via the MGASA-2020-0307 advisory. Vulnerability Insight: jp2/opj_decompress.c in OpenJPEG through 2.3.1 has a use-after-free that can be triggered if there is a mix of valid and invalid files in a directory operated on by the decompressor. Triggering a double-free may also be possible. This is related to calling opj_image_destroy twice (CVE-2020-15389). Affected Software/OS: 'openjpeg2' package(s) on Mageia 7. Solution: Please install the updated package(s). CVSS Score: 5.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2020-15389 Debian Security Information: DSA-4882 (Google Search) https://www.debian.org/security/2021/dsa-4882 https://security.gentoo.org/glsa/202101-29 https://github.com/uclouvain/openjpeg/issues/1261 https://pastebin.com/4sDKQ7U8 https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuoct2020.html https://lists.debian.org/debian-lts-announce/2020/07/msg00008.html
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.