Access of Uninitialized Pointer
CVE-2022-1122
Summary
A flaw was found in the "opj2_decompress" program in openjpeg prior to 2.5.0 in the way it handles an input directory with a large number of files. When it fails to allocate a buffer to store the filenames of the input directory, it calls "free()" on an uninitialized pointer, leading to a Segmentation Fault and a denial of service.
- LOW
- LOCAL
- NONE
- UNCHANGED
- REQUIRED
- NONE
- NONE
- HIGH
CWE-824 - Access of Uninitialized Pointer
The program accesses or uses a pointer that has not been initialized.
References
Advisory Timeline
- Published