SUSE-SU-2017:2144-1

Advisory lineage Upstream: 2 Downstream: 0

Upstream

CVE-2015-8871 CVE-2016-7163

Published: 11 Aug 2017, 14:58

Last modified:04 Feb 2026, 03:30

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

11 Aug 2017, 14:58

Published

Vulnerability first disclosed

04 Feb 2026, 03:30

Last Modified

Vulnerability information updated

Description

Security update for openjpeg2 This update for openjpeg2 fixes the following issues: - CVE 2016-7163: Integer Overflow could lead to remote code execution (bsc#997857). - CVE 2015-8871: Use-after-free in opj_j2k_write_mco function could lead to denial of service (bsc#979907).

Affected Systems

suse•openjpeg2&distro=SUSE Linux Enterprise Desktop 12 SP2
< 2.1.0-4.3.2
suse•openjpeg2&distro=SUSE Linux Enterprise Desktop 12 SP3
< 2.1.0-4.3.2
suse•openjpeg2&distro=SUSE Linux Enterprise Server 12 SP2
< 2.1.0-4.3.2
suse•openjpeg2&distro=SUSE Linux Enterprise Server 12 SP3
< 2.1.0-4.3.2
suse•openjpeg2&distro=SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
< 2.1.0-4.3.2
suse•openjpeg2&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP2
< 2.1.0-4.3.2
suse•openjpeg2&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP3
< 2.1.0-4.3.2

SUSE-SU-2017:2144-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (5)