
CVE-2024-56827: A flaw was found in the OpenJPEG project. A heap buffer overflow condition may be triggered when...

CVSS Score: 5.6 (CVSS 3.1)

Basic Information

EPSS Score: 0.13672%
Published: 1/9/2025
Updated: 5/13/2025
KEV Status: No
Technology: -

Technical Details

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:H

Vulnerability Intelligence

Miggo AI Root Cause Analysis

The provided commit directly patches the function opj_j2k_add_tlmarker in src/lib/openjp2/j2k.c. The patch adds a bounds check (l_current_tile_part < cstr_index->tile_index[tileno].nb_tps) before accessing an array element (cstr_index->tile_index[tileno].tp_index[l_current_tile_part]). The absence of this check in the vulnerable version allowed for a heap buffer overflow when l_current_tile_part was greater than or equal to the number of tile-parts (nb_tps), leading to an out-of-bounds write. The vulnerability description aligns with this, stating a heap buffer overflow in the OpenJPEG project related to the opj_decompress utility, and this function is part of the JPEG 2000 decoding process.
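The guard described above, shown on a simplified model as an added example (this is not OpenJPEG's code). Only the field names nb_tps and tp_index come from the analysis; the struct layout, the function names, the unsigned index type and the "skip and return 0" behaviour are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>

/* Simplified stand-ins for the codestream index structures. Only the field
   names nb_tps and tp_index appear in the analysis; the rest is assumed. */
typedef struct { long start_pos; } tp_entry_t;   /* hypothetical entry type */
typedef struct {
    unsigned int nb_tps;    /* number of entries allocated in tp_index */
    tp_entry_t *tp_index;   /* heap array holding nb_tps entries */
} tile_index_t;

/* Guarded write (hypothetical helper): stores the tile-part start position
   only when every index is in range. Returns 1 if stored, 0 if skipped. */
int record_tile_part(tile_index_t *tiles, unsigned int nb_tiles,
                     unsigned int tileno, unsigned int current_tile_part,
                     long start_pos)
{
    if (tiles == NULL || tileno >= nb_tiles) return 0;
    if (tiles[tileno].tp_index == NULL) return 0;
    /* Same condition as the patch: l_current_tile_part < nb_tps.
       Without it, an index equal to or above nb_tps writes past the heap
       allocation that backs tp_index. */
    if (current_tile_part >= tiles[tileno].nb_tps) return 0;
    tiles[tileno].tp_index[current_tile_part].start_pos = start_pos;
    return 1;
}

/* Constructed driver: one tile with nb_tps entries, one attempted write.
   Returns 1 (stored), 0 (rejected) or -1 (allocation or readback failure). */
int run_case(unsigned int nb_tps, unsigned int tile_part)
{
    tile_index_t tile;
    int stored;
    tile.nb_tps = nb_tps;
    tile.tp_index = calloc(nb_tps ? nb_tps : 1, sizeof(tp_entry_t));
    if (tile.tp_index == NULL) return -1;
    stored = record_tile_part(&tile, 1, 0, tile_part, 1234L);
    if (stored && tile.tp_index[tile_part].start_pos != 1234L) stored = -1;
    free(tile.tp_index);
    return stored;
}

int main(void)
{
    printf("tile-part 1 with nb_tps=2: %d\n", run_case(2, 1));
    printf("tile-part 2 with nb_tps=2: %d\n", run_case(2, 2));
    return 0;
}
```

Building the unguarded variant with -fsanitize=address and feeding it an index equal to nb_tps makes the out-of-bounds heap write visible at the exact store.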
