OSV-2017-24

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/gstreamer/OSV-2017-24.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2017-24

Published

2021-01-13T00:01:28.099192Z

Modified

2022-04-13T03:04:33.800629Z

Summary

Heap-buffer-overflow in pnm_type_find

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=4039

Crash type: Heap-buffer-overflow READ 1
Crash state:
pnm_type_find
gst_type_find_factory_call_function
gst_type_find_helper_for_data

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=4039

Affected packages

OSS-Fuzz / gstreamer

Package

Name: gstreamer
Purl: pkg:generic/gstreamer

Affected ranges

Type: GIT
Repo: https://gitlab.freedesktop.org/gstreamer/gstreamer.git
Events: Introduced

5d885b9dc73d3007ea04e96c24d0ef30c365bc4d

Fixed

d106390adce5cee837d2d0aab377d758a45a4b2d

Ecosystem specific

{
    "severity": "MEDIUM",
    "introduced_range": "fb56ad6bee2366813f6be4f697579c06774b062d:4c795924dba5595fb1472864f7d27262bce247a8",
    "fixed_range": "4c795924dba5595fb1472864f7d27262bce247a8:d106390adce5cee837d2d0aab377d758a45a4b2d"
}