CVE-2016-8332 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2016-8332 Interim 1 35 2025-11-05T04:18:26Z current 2021-05-30T13:46:39Z 2025-11-05T04:18:26Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2016-8332 A buffer overflow in OpenJPEG 2.1.1 causes arbitrary code execution when parsing a crafted image. An exploitable code execution vulnerability exists in the jpeg2000 image file format parser as implemented in the OpenJpeg library. A specially crafted jpeg2000 file can cause an out of bound heap write resulting in heap corruption leading to arbitrary code execution. For a successful attack, the target user needs to open a malicious jpeg2000 file. The jpeg2000 image file format is mostly used for embedding images inside PDF documents and the OpenJpeg library is used by a number of popular PDF renderers making PDF documents a likely attack vector. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/sle-security-updates/2016-December/002525.html E-Mail link for SUSE-SU-2016:3270-1 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/J6SIEQUDXXVF4DC2DY4ACIB3QXRQGPI3/#J6SIEQUDXXVF4DC2DY4ACIB3QXRQGPI3 E-Mail link for openSUSE-SU-2017:0155-1 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/E6ZE2UZVOA4T4L5QDQMTW7IXFMASF7KD/#E6ZE2UZVOA4T4L5QDQMTW7IXFMASF7KD E-Mail link for openSUSE-SU-2017:0185-1 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZZJBGORAE6E4I3JJ42MFMKJSBJCBDLBU/#ZZJBGORAE6E4I3JJ42MFMKJSBJCBDLBU E-Mail link for openSUSE-SU-2017:0207-1 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/AL7JYPSOTOZ4UZQTE7T4Y3J7RCMV7M6M/#AL7JYPSOTOZ4UZQTE7T4Y3J7RCMV7M6M E-Mail link for openSUSE-SU-2017:2567-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Basesystem 15 SP2 SUSE Linux Enterprise Module for Basesystem 15 SP3 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Basesystem 15 SP2 SUSE Linux Enterprise Module for Basesystem 15 SP3 SUSE Linux Enterprise Module for Basesystem 15 SP4 SUSE Linux Enterprise Module for Basesystem 15 SP5 SUSE Linux Enterprise Module for Basesystem 15 SP6 SUSE Linux Enterprise Module for Basesystem 15 SP7 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Basesystem 15 SP2 SUSE Linux Enterprise Module for Basesystem 15 SP3 SUSE Linux Enterprise Module for Basesystem 15 SP4 SUSE Linux Enterprise Module for Basesystem 15 SP5 SUSE Linux Enterprise Module for Basesystem 15 SP6 SUSE Linux Enterprise Module for Basesystem 15 SP7 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Basesystem 15 SP2 SUSE Linux Enterprise Module for Basesystem 15 SP3 SUSE Linux Enterprise Module for Basesystem 15 SP4 SUSE Linux Enterprise Module for Basesystem 15 SP5 SUSE Linux Enterprise Module for Basesystem 15 SP6 SUSE Linux Enterprise Module for Basesystem 15 SP7 SUSE Linux Enterprise Server 16.0 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Basesystem 15 SP2 SUSE Linux Enterprise Module for Basesystem 15 SP3 SUSE Linux Enterprise Module for Basesystem 15 SP4 SUSE Linux Enterprise Module for Basesystem 15 SP5 SUSE Linux Enterprise Module for Basesystem 15 SP6 SUSE Linux Enterprise Module for Basesystem 15 SP7 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Basesystem 15 SP2 SUSE Linux Enterprise Module for Basesystem 15 SP3 SUSE Linux Enterprise Module for Basesystem 15 SP4 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Basesystem 15 SP2 SUSE Linux Enterprise Module for Basesystem 15 SP3 SUSE Linux Enterprise Module for Basesystem 15 SP4 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Basesystem 15 SP2 SUSE Linux Enterprise Module for Basesystem 15 SP3 SUSE Linux Enterprise Module for Basesystem 15 SP4 SUSE Package Hub 12 SUSE Package Hub 12 SP1 openSUSE Leap 15.0 openSUSE Leap 15.2 openSUSE Leap 15.3 openSUSE Leap 15.4 openSUSE Tumbleweed libopenjp2-7-2.1.0-3.1 libopenjp2-7-2.1.0-4.12.2 libopenjp2-7-2.1.0-4.9.1 libopenjp2-7-2.1.0-5.1 libopenjp2-7-2.1.0-6.1 libopenjp2-7-2.3.0-1.25 libopenjp2-7-2.3.0-150000.3.13.1 libopenjp2-7-2.3.0-150000.3.18.1 libopenjp2-7-2.3.0-150000.3.5.1 libopenjp2-7-2.3.0-150000.3.8.1 libopenjp2-7-2.3.0-lp150.1.5 libopenjp2-7-2.3.0-lp152.3.9 libopenjp2-7-2.4.0-1.4 libopenjp2-7-2.5.3-160000.2.2 libopenjp2-7-32bit-2.4.0-1.4 libopenjp2-7-x86-64-v3-2.5.3-160000.2.2 openjpeg2-2.1.0-5.1 openjpeg2-2.1.0-6.1 openjpeg2-2.3.0-1.25 openjpeg2-2.3.0-150000.3.13.1 openjpeg2-2.3.0-150000.3.18.1 openjpeg2-2.3.0-150000.3.5.1 openjpeg2-2.3.0-150000.3.8.1 openjpeg2-2.4.0-1.4 openjpeg2-2.5.3-160000.2.2 openjpeg2-devel-2.1.0-5.1 openjpeg2-devel-2.1.0-6.1 openjpeg2-devel-2.3.0-1.25 openjpeg2-devel-2.3.0-150000.3.13.1 openjpeg2-devel-2.3.0-150000.3.18.1 openjpeg2-devel-2.3.0-150000.3.5.1 openjpeg2-devel-2.3.0-150000.3.8.1 openjpeg2-devel-2.4.0-1.4 openjpeg2-devel-2.5.3-160000.2.2 openjpeg2-devel-doc-2.4.0-1.4 openjpeg2-devel-doc-2.5.3-160000.2.2 libopenjp2-7-2.1.0-3.1 as a component of SUSE Linux Enterprise Desktop 12 SP2 libopenjp2-7-2.1.0-3.1 as a component of SUSE Linux Enterprise Desktop 12 SP3 libopenjp2-7-2.1.0-4.9.1 as a component of SUSE Linux Enterprise Desktop 12 SP4 libopenjp2-7-2.1.0-4.12.2 as a component of SUSE Linux Enterprise High Performance Computing 12 SP5 libopenjp2-7-2.3.0-1.25 as a component of SUSE Linux Enterprise Module for Basesystem 15 openjpeg2-2.3.0-1.25 as a component of SUSE Linux Enterprise Module for Basesystem 15 openjpeg2-devel-2.3.0-1.25 as a component of SUSE Linux Enterprise Module for Basesystem 15 libopenjp2-7-2.3.0-1.25 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP1 openjpeg2-2.3.0-1.25 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP1 openjpeg2-devel-2.3.0-1.25 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP1 libopenjp2-7-2.3.0-1.25 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP2 openjpeg2-2.3.0-1.25 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP2 openjpeg2-devel-2.3.0-1.25 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP2 libopenjp2-7-2.3.0-1.25 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP3 openjpeg2-2.3.0-1.25 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP3 openjpeg2-devel-2.3.0-1.25 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP3 libopenjp2-7-2.3.0-150000.3.5.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP4 openjpeg2-2.3.0-150000.3.5.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP4 openjpeg2-devel-2.3.0-150000.3.5.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP4 libopenjp2-7-2.3.0-150000.3.8.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP5 openjpeg2-2.3.0-150000.3.8.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP5 openjpeg2-devel-2.3.0-150000.3.8.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP5 libopenjp2-7-2.3.0-150000.3.13.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP6 openjpeg2-2.3.0-150000.3.13.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP6 openjpeg2-devel-2.3.0-150000.3.13.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP6 libopenjp2-7-2.3.0-150000.3.18.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP7 openjpeg2-2.3.0-150000.3.18.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP7 openjpeg2-devel-2.3.0-150000.3.18.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP7 libopenjp2-7-2.1.0-3.1 as a component of SUSE Linux Enterprise Server 12 SP2 libopenjp2-7-2.1.0-3.1 as a component of SUSE Linux Enterprise Server 12 SP3 libopenjp2-7-2.1.0-4.9.1 as a component of SUSE Linux Enterprise Server 12 SP4 libopenjp2-7-2.1.0-4.12.2 as a component of SUSE Linux Enterprise Server 12 SP5 libopenjp2-7-2.5.3-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 libopenjp2-7-x86-64-v3-2.5.3-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 openjpeg2-2.5.3-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 openjpeg2-devel-2.5.3-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 openjpeg2-devel-doc-2.5.3-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 libopenjp2-7-2.1.0-3.1 as a component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 libopenjp2-7-2.1.0-3.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 libopenjp2-7-2.1.0-4.12.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 libopenjp2-7-2.1.0-5.1 as a component of SUSE Package Hub 12 openjpeg2-2.1.0-5.1 as a component of SUSE Package Hub 12 openjpeg2-devel-2.1.0-5.1 as a component of SUSE Package Hub 12 libopenjp2-7-2.1.0-6.1 as a component of SUSE Package Hub 12 SP1 openjpeg2-2.1.0-6.1 as a component of SUSE Package Hub 12 SP1 openjpeg2-devel-2.1.0-6.1 as a component of SUSE Package Hub 12 SP1 libopenjp2-7-2.3.0-lp150.1.5 as a component of openSUSE Leap 15.0 libopenjp2-7-2.3.0-lp152.3.9 as a component of openSUSE Leap 15.2 libopenjp2-7-2.3.0-1.25 as a component of openSUSE Leap 15.3 libopenjp2-7-2.3.0-150000.3.5.1 as a component of openSUSE Leap 15.4 libopenjp2-7-2.4.0-1.4 as a component of openSUSE Tumbleweed libopenjp2-7-32bit-2.4.0-1.4 as a component of openSUSE Tumbleweed openjpeg2-2.4.0-1.4 as a component of openSUSE Tumbleweed openjpeg2-devel-2.4.0-1.4 as a component of openSUSE Tumbleweed openjpeg2-devel-doc-2.4.0-1.4 as a component of openSUSE Tumbleweed A buffer overflow in OpenJPEG 2.1.1 causes arbitrary code execution when parsing a crafted image. An exploitable code execution vulnerability exists in the jpeg2000 image file format parser as implemented in the OpenJpeg library. A specially crafted jpeg2000 file can cause an out of bound heap write resulting in heap corruption leading to arbitrary code execution. For a successful attack, the target user needs to open a malicious jpeg2000 file. The jpeg2000 image file format is mostly used for embedding images inside PDF documents and the OpenJpeg library is used by a number of popular PDF renderers making PDF documents a likely attack vector. CVE-2016-8332 SUSE Linux Enterprise Desktop 12 SP2:libopenjp2-7-2.1.0-3.1 SUSE Linux Enterprise Desktop 12 SP3:libopenjp2-7-2.1.0-3.1 SUSE Linux Enterprise Desktop 12 SP4:libopenjp2-7-2.1.0-4.9.1 SUSE Linux Enterprise High Performance Computing 12 SP5:libopenjp2-7-2.1.0-4.12.2 SUSE Linux Enterprise Module for Basesystem 15:libopenjp2-7-2.3.0-1.25 SUSE Linux Enterprise Module for Basesystem 15:openjpeg2-2.3.0-1.25 SUSE Linux Enterprise Module for Basesystem 15:openjpeg2-devel-2.3.0-1.25 SUSE Linux Enterprise Module for Basesystem 15 SP1:libopenjp2-7-2.3.0-1.25 SUSE Linux Enterprise Module for Basesystem 15 SP1:openjpeg2-2.3.0-1.25 SUSE Linux Enterprise Module for Basesystem 15 SP1:openjpeg2-devel-2.3.0-1.25 SUSE Linux Enterprise Module for Basesystem 15 SP2:libopenjp2-7-2.3.0-1.25 SUSE Linux Enterprise Module for Basesystem 15 SP2:openjpeg2-2.3.0-1.25 SUSE Linux Enterprise Module for Basesystem 15 SP2:openjpeg2-devel-2.3.0-1.25 SUSE Linux Enterprise Module for Basesystem 15 SP3:libopenjp2-7-2.3.0-1.25 SUSE Linux Enterprise Module for Basesystem 15 SP3:openjpeg2-2.3.0-1.25 SUSE Linux Enterprise Module for Basesystem 15 SP3:openjpeg2-devel-2.3.0-1.25 SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenjp2-7-2.3.0-150000.3.5.1 SUSE Linux Enterprise Module for Basesystem 15 SP4:openjpeg2-2.3.0-150000.3.5.1 SUSE Linux Enterprise Module for Basesystem 15 SP4:openjpeg2-devel-2.3.0-150000.3.5.1 SUSE Linux Enterprise Module for Basesystem 15 SP5:libopenjp2-7-2.3.0-150000.3.8.1 SUSE Linux Enterprise Module for Basesystem 15 SP5:openjpeg2-2.3.0-150000.3.8.1 SUSE Linux Enterprise Module for Basesystem 15 SP5:openjpeg2-devel-2.3.0-150000.3.8.1 SUSE Linux Enterprise Module for Basesystem 15 SP6:libopenjp2-7-2.3.0-150000.3.13.1 SUSE Linux Enterprise Module for Basesystem 15 SP6:openjpeg2-2.3.0-150000.3.13.1 SUSE Linux Enterprise Module for Basesystem 15 SP6:openjpeg2-devel-2.3.0-150000.3.13.1 SUSE Linux Enterprise Module for Basesystem 15 SP7:libopenjp2-7-2.3.0-150000.3.18.1 SUSE Linux Enterprise Module for Basesystem 15 SP7:openjpeg2-2.3.0-150000.3.18.1 SUSE Linux Enterprise Module for Basesystem 15 SP7:openjpeg2-devel-2.3.0-150000.3.18.1 SUSE Linux Enterprise Server 12 SP2:libopenjp2-7-2.1.0-3.1 SUSE Linux Enterprise Server 12 SP3:libopenjp2-7-2.1.0-3.1 SUSE Linux Enterprise Server 12 SP4:libopenjp2-7-2.1.0-4.9.1 SUSE Linux Enterprise Server 12 SP5:libopenjp2-7-2.1.0-4.12.2 SUSE Linux Enterprise Server 16.0:libopenjp2-7-2.5.3-160000.2.2 SUSE Linux Enterprise Server 16.0:libopenjp2-7-x86-64-v3-2.5.3-160000.2.2 SUSE Linux Enterprise Server 16.0:openjpeg2-2.5.3-160000.2.2 SUSE Linux Enterprise Server 16.0:openjpeg2-devel-2.5.3-160000.2.2 SUSE Linux Enterprise Server 16.0:openjpeg2-devel-doc-2.5.3-160000.2.2 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libopenjp2-7-2.1.0-3.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:libopenjp2-7-2.1.0-3.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libopenjp2-7-2.1.0-4.12.2 SUSE Package Hub 12:libopenjp2-7-2.1.0-5.1 SUSE Package Hub 12:openjpeg2-2.1.0-5.1 SUSE Package Hub 12:openjpeg2-devel-2.1.0-5.1 SUSE Package Hub 12 SP1:libopenjp2-7-2.1.0-6.1 SUSE Package Hub 12 SP1:openjpeg2-2.1.0-6.1 SUSE Package Hub 12 SP1:openjpeg2-devel-2.1.0-6.1 openSUSE Leap 15.0:libopenjp2-7-2.3.0-lp150.1.5 openSUSE Leap 15.2:libopenjp2-7-2.3.0-lp152.3.9 openSUSE Leap 15.3:libopenjp2-7-2.3.0-1.25 openSUSE Leap 15.4:libopenjp2-7-2.3.0-150000.3.5.1 openSUSE Tumbleweed:libopenjp2-7-2.4.0-1.4 openSUSE Tumbleweed:libopenjp2-7-32bit-2.4.0-1.4 openSUSE Tumbleweed:openjpeg2-2.4.0-1.4 openSUSE Tumbleweed:openjpeg2-devel-2.4.0-1.4 openSUSE Tumbleweed:openjpeg2-devel-doc-2.4.0-1.4 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H