CVE-2015-8751: 
Linux Gentoo vulnerability analysis and mitigation

CVE-2015-8751 is a vulnerability discovered in the JasPer library's jas_matrix_create function that affects JPEG 2000 image processing. The vulnerability was identified as an integer overflow issue related to integer multiplication for memory allocation, which could be triggered by processing crafted JPEG 2000 images (NVD, Red Hat Bug).

The vulnerability exists in the jas_matrix_create function where an integer overflow can occur during memory allocation. Specifically, when matrix->maxrows_ is greater than 0, the multiplication of matrix->maxrows_ with sizeof(jas_seqent_t *) can cause an integer overflow. The vulnerability has been assigned a CVSS v3.1 base score of 8.8 (High) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H (NVD).

The vulnerability could allow context-dependent attackers to have unspecified impact through a specially crafted JPEG 2000 image. Given the high CVSS score and the nature of the vulnerability, successful exploitation could potentially lead to code execution or system compromise (NVD).

Red Hat initially addressed this vulnerability as part of a larger patch that was originally created for CVE-2008-3520, which fixed multiple potential integer overflows. Many distributions have implemented similar patches to address this vulnerability (Openwall).