Not a user yet?
Log in Register for free Suggest a product
Update

USN-7223-1: OpenJPEG vulnerabilities

Ubuntu DesktopUbuntu Desktop
Canonical

USN-7223-1: OpenJPEG vulnerabilities
22 January 2025

OpenJPEG could be made to crash or run programs if it opened a specially crafted file.

Releases

  • Ubuntu 24.10
  • Ubuntu 24.04 LTS
  • Ubuntu 22.04 LTS
  • Ubuntu 20.04 LTS
  • Ubuntu 18.04 ESM
  • Ubuntu 16.04 ESM

Packages
openjpeg2 - JPEG 2000 image compression/decompression library
Details
Frank Zeng discovered that OpenJPEG incorrectly handled memory when using
the decompression utility. An attacker could possibly use this issue to
cause a denial of service or execute arbitrary code. (CVE-2024-56826,
CVE-2024-56827)

Update instructions
The problem can be corrected by updating your system to the following package versions:

Ubuntu 24.10

  • libopenjp2-7 - 2.5.0-2ubuntu1.2
  • libopenjp2-tools - 2.5.0-2ubuntu1.2
    Ubuntu 24.04
  • libopenjp2-7 - 2.5.0-2ubuntu0.3
  • libopenjp2-tools - 2.5.0-2ubuntu0.3
    Ubuntu 22.04
  • libopenjp2-7 - 2.4.0-6ubuntu0.3
  • libopenjp2-tools - 2.4.0-6ubuntu0.3
  • libopenjp3d-tools - 2.4.0-6ubuntu0.3
  • libopenjp3d7 - 2.4.0-6ubuntu0.3
    Ubuntu 20.04
  • libopenjp2-7 - 2.3.1-1ubuntu4.20.04.4
  • libopenjp2-tools - 2.3.1-1ubuntu4.20.04.4
  • libopenjp3d-tools - 2.3.1-1ubuntu4.20.04.4
  • libopenjp3d7 - 2.3.1-1ubuntu4.20.04.4

In general, a standard system update will make all the necessary changes.

More updatesTo the product
The manufacturer Canonical has not yet set up its devicebase profile. Content such as updates, compatibilities and support may only be maintained with a delay.
Receive Important Update Messages Stay tuned for upcoming Canonical updates

More from the Operating Systems section

Was the content helpful to you?

Advertisement Advertise here?
Udemy IT certification ad