A flaw was found in the OpenJPEG project. A heap buffer overflow condition may be triggered when certain options are specified while using the opj_decompress utility. This can lead to an application crash or other undefined behavior.
Credits
Red Hat would like to thank Frank Zeng (Huazhong University of Science and Technology) for reporting this issue.
