MGASA-2018-0039

Advisory lineage Upstream: 1 Downstream: 0
Upstream
CVE-2017-9216
Published: 03 Jan 2018, 14:22
Last modified:16 Apr 2026, 06:23

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

03 Jan 2018, 14:22
Published
Vulnerability first disclosed
16 Apr 2026, 06:23
Last Modified
Vulnerability information updated

Description

Updated jbig2dec packages fix security vulnerability libjbig2dec.a in Artifex jbig2dec 0.13 has a NULL pointer dereference in the jbig2_huffman_get function in jbig2_huffman.c. For example, the jbig2dec utility will crash (segmentation fault) when parsing an invalid file (CVE-2017-9216).

Affected Systems

  • mageiajbig2dec

    < 0.14-1.mga5

  • mageiajbig2dec

    < 0.14-1.mga6

References (3)