Medium severity5.6OSV Advisory· Published Jan 9, 2025· Updated Apr 15, 2026
CVE-2024-56826
CVE-2024-56826
Description
A flaw was found in the OpenJPEG project. A heap buffer overflow condition may be triggered when certain options are specified while using the opj_decompress utility. This can lead to an application crash or other undefined behavior.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
10- osv-coords8 versionspkg:rpm/almalinux/openjpeg2pkg:rpm/almalinux/openjpeg2-develpkg:rpm/almalinux/openjpeg2-toolspkg:rpm/opensuse/openjpeg2&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/openjpeg2&distro=openSUSE%20Tumbleweedpkg:rpm/suse/openjpeg2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6pkg:rpm/suse/openjpeg2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP6pkg:rpm/suse/openjpeg2&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5
< 2.4.0-8.el9+ 7 more
- (no CPE)range: < 2.4.0-8.el9
- (no CPE)range: < 2.4.0-8.el9
- (no CPE)range: < 2.4.0-8.el9
- (no CPE)range: < 2.3.0-150000.3.18.1
- (no CPE)range: < 2.5.3-2.1
- (no CPE)range: < 2.3.0-150000.3.18.1
- (no CPE)range: < 2.3.0-150000.3.18.1
- (no CPE)range: < 2.1.0-4.21.1
Patches
Vulnerability mechanics
References
6- access.redhat.com/errata/RHSA-2025:7309nvd
- access.redhat.com/security/cve/CVE-2024-56826nvd
- bugzilla.redhat.com/show_bug.cginvd
- github.com/uclouvain/openjpeg/commit/e492644fbded4c820ca55b5e50e598d346e850e8nvd
- github.com/uclouvain/openjpeg/issues/1563nvd
- lists.debian.org/debian-lts-announce/2025/04/msg00002.htmlnvd
News mentions
0No linked articles in our index yet.