CVE-2021-3575

Name	CVE-2021-3575
Description	A heap-based buffer overflow was found in openjpeg in color.c:379:42 in sycc420_to_rgb when decompressing a crafted .j2k file. An attacker could use this to execute arbitrary code with the permissions of the application compiled against openjpeg.
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
Debian Bugs	989775

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
openjpeg2 (PTS)	stretch	2.1.2-1.1+deb9u4	vulnerable
	stretch (security)	2.1.2-1.1+deb9u7	vulnerable
	buster, buster (security)	2.3.0-2+deb10u2	vulnerable
	bullseye	2.4.0-3	vulnerable
	bookworm, sid	2.5.0-1	vulnerable

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Origin	Debian Bugs
openjpeg2	source	(unstable)	(unfixed)			989775

Notes

[bullseye] - openjpeg2 <no-dsa> (Minor issue)
[buster] - openjpeg2 <no-dsa> (Minor issue)
[stretch] - openjpeg2 <no-dsa> (Minor issue)
https://github.com/uclouvain/openjpeg/issues/1347