fix: CVE-2025-53644

OpenCV is an Open Source Computer Vision Library. Versions prior to 4.12.0 have an uninitialized pointer variable on stack that may lead to arbitrary heap buffer write when reading crafted JPEG images. Version 4.12.0 fixes the vulnerability. Reference: https://nvd.nist.gov/vuln/detail/CVE-2025-53644 Upstream-patch: https://github.com/opencv/opencv/commit/a39db41390de546d18962ee1278bd6dbb715f466 Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com> Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2026-06-14 17:59:59 +00:00 · 2025-09-18 10:27:47 +05:30
parent 80ab58cc40
commit 4f1f7f89f5
2 changed files with 30 additions and 0 deletions
@@ -0,0 +1,29 @@
+From a39db41390de546d18962ee1278bd6dbb715f466 Mon Sep 17 00:00:00 2001
+From: Alexander Smorkalov <alexander.smorkalov@opencv.ai>
+Date: Tue, 13 May 2025 08:56:14 +0300
+Subject: [PATCH] Cherry-pick OpenJPEG deconding status fix.
+
+CVE: CVE-2025-53644
+
+Upstream-Status: Backport [https://github.com/opencv/opencv/commit/a39db41390de546d18962ee1278bd6dbb715f466]
+
+Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com>
+---
+ 3rdparty/openjpeg/openjp2/jp2.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/3rdparty/openjpeg/openjp2/jp2.c b/3rdparty/openjpeg/openjp2/jp2.c
+index 6015190e1f..ab868bd7c1 100644
+--- a/3rdparty/openjpeg/openjp2/jp2.c
+++ b/3rdparty/openjpeg/openjp2/jp2.c
+@@ -2869,7 +2869,7 @@ OPJ_BOOL opj_jp2_read_header(opj_stream_private_t *p_stream,
+                               p_image,
+                               p_manager);
+
+-    if (p_image && *p_image) {
+    if (ret && p_image && *p_image) {
+         /* Set Image Color Space */
+         if (jp2->enumcs == 16) {
+             (*p_image)->color_space = OPJ_CLRSPC_SRGB;
+--
+2.40.0
@@ -35,6 +35,7 @@ SRC_URI = "git://github.com/opencv/opencv.git;name=opencv;branch=4.x;protocol=ht
           file://0008-Do-not-embed-build-directory-in-binaries.patch \
           file://0001-core-fixed-VSX-intrinsics-implementation.patch \
           file://0001-FROMLIST-Switch-to-static-instance-of-FastCV-on-Linux.patch \
+           file://CVE-2025-53644.patch \
           "
 SRC_URI:append:riscv64 = " file://0001-Use-Os-to-compile-tinyxml2.cpp.patch;patchdir=contrib"