Skip to main content

Access of Uninitialized Pointer

CVE-2022-1122

Severity Medium
Score 5.5/10

Summary

A flaw was found in the "opj2_decompress" program in openjpeg prior to 2.5.0 in the way it handles an input directory with a large number of files. When it fails to allocate a buffer to store the filenames of the input directory, it calls "free()" on an uninitialized pointer, leading to a Segmentation Fault and a denial of service.

  • LOW
  • LOCAL
  • NONE
  • UNCHANGED
  • REQUIRED
  • NONE
  • NONE
  • HIGH

CWE-824 - Access of Uninitialized Pointer

The program accesses or uses a pointer that has not been initialized.

Advisory Timeline

  • Published