CVE-2025-54874
BaseFortify
Publication date: 2025-08-05
Last updated on: 2025-09-26
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| uclouvain | openjpeg | to 2.5.3 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-457 | The code uses a variable that has not been initialized, leading to unpredictable or unintended results. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in OpenJPEG occurs in the function opj_jp2_read_header when it processes JPEG 2000 data streams. If the data stream is too short and the p_image pointer is not initialized to NULL before calling opj_read_header, the internal function opj_j2k_read_header may fail and leave p_image uninitialized. Despite this failure, opj_jp2_read_header still checks and uses p_image, leading to a potential out-of-bounds heap memory write due to using an uninitialized pointer. This can cause memory errors detectable by tools like Valgrind or AddressSanitizer. [1, 2]
How can this vulnerability impact me? :
This vulnerability can lead to out-of-bounds heap memory writes when processing malformed or truncated JPEG 2000 data streams. Such memory corruption can cause application crashes, data corruption, or potentially be exploited to execute arbitrary code or cause denial of service, depending on how the vulnerable function is used within an application. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by using memory analysis tools such as Valgrind or AddressSanitizer (ASAN) to identify errors caused by the use of uninitialized pointers in the OpenJPEG library when processing JPEG 2000 images. Running OpenJPEG functions like opj_jp2_read_header() on crafted or malformed JPEG 2000 files with these tools can reveal the out-of-bounds heap memory write. Example commands include: - Using Valgrind: valgrind --tool=memcheck ./your_openjpeg_app your_test.jp2 - Using AddressSanitizer (requires compiling OpenJPEG with ASAN enabled): ./your_openjpeg_app your_test.jp2 These tools will report invalid memory accesses related to this vulnerability. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability immediately, ensure that you update OpenJPEG to a version that includes the fix (merged on January 16, 2025). The fix verifies the success of the internal header read function before accessing the p_image pointer, preventing use of uninitialized memory. If updating is not immediately possible, avoid processing untrusted or malformed JPEG 2000 files with vulnerable versions of OpenJPEG. Additionally, initialize the p_image pointer to NULL before calling opj_read_header() as a temporary safeguard. [1, 2]