{"id":"CVE-2022-1122","details":"A flaw was found in the opj2_decompress program in openjpeg2 2.4.0 in the way it handles an input directory with a large number of files. When it fails to allocate a buffer to store the filenames of the input directory, it calls free() on an uninitialized pointer, leading to a segmentation fault and a denial of service.","modified":"2026-03-20T11:48:17.596985Z","published":"2022-03-29T18:15:07.977Z","related":["ALSA-2022:7645","ALSA-2022:8207","MGASA-2022-0129","SUSE-SU-2022:1129-1","SUSE-SU-2022:1252-1","openSUSE-SU-2024:13571-1"],"references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MIWSQFQWXDU4MT3XTVAO6HC7TVL3NHS7/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RMKBAMK2CAM5TMC5TODKVCE5AAPTD5YV/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ROSN5NRUFOH7HGLJ4ZSKPGAKLFXJALW4/"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/04/msg00002.html"},{"type":"ADVISORY","url":"https://github.com/uclouvain/openjpeg/issues/1368"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2022/04/msg00006.html"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/202209-04"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/uclouvain/openjpeg","events":[{"introduced":"0"},{"last_affected":"37ac30ceff6640bbab502388c5e0fa0bff23f505"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"2.4.0"}]}}],"versions":["v2.2.0","v2.3.0","v2.3.1","v2.4.0"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-1122.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"34"}]},{"events":[{"introduced":"0"},{"last_affected":"35"}]},{"events":[{"introduced":"0"},{"last_affected":"36"}]},{"events":[{"introduced":"0"},{"last_affected":"9.0"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}]}