vulnerability

Arch Linux: Denial of service (CVE-2020-27842)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:N/C:N/I:N/A:P)	Jan 5, 2021	Jul 11, 2025	Nov 27, 2025

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:N/A:P)

Published

Jan 5, 2021

Added

Jul 11, 2025

Modified

Nov 27, 2025

Description

A null pointer dereference issue was found in lib/openjp2/tgt.c when a small precincts size, the option "-TP C" and non (0,0) grid offset are given in OpenJPEG before version 2.4.0.

Solution

arch-linux-upgrade-latest

References

CVE-2020-27842
https://attackerkb.com/topics/CVE-2020-27842
URL-https://bugzilla.redhat.com/show_bug.cgi?id=1907513
URL-https://lists.debian.org/debian-lts-announce/2022/04/msg00006.html
URL-https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WJUPGIZE6A4O52EBOF75MCXJOL6MUCRV/
URL-https://security.archlinux.org/ASA-202012-21
URL-https://security.gentoo.org/glsa/202101-29
URL-https://www.debian.org/security/2021/dsa-4882
URL-https://www.oracle.com//security-alerts/cpujul2021.html
URL-https://www.oracle.com/security-alerts/cpuApr2021.html
CWE-125

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today