OSV-2018-185

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/harfbuzz/OSV-2018-185.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2018-185

Published

2021-01-13T00:01:16.904095Z

Modified

2022-04-13T03:04:33.214137Z

Summary

Heap-buffer-overflow in BEInt<unsigned short, 2>::operator unsigned short

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11001

Crash type: Heap-buffer-overflow READ 1
Crash state:
BEInt<unsigned short, 2>::operator unsigned short
OT::IndexSubtable::get_extents
OT::IndexSubtableRecord::get_extents

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11001

Affected packages

OSS-Fuzz / harfbuzz

Package

Name: harfbuzz
Purl: pkg:generic/harfbuzz

Affected ranges

Type: GIT
Repo: https://github.com/harfbuzz/harfbuzz.git
Events: Introduced

fc812faaa96aa4e67814a92376b2da751d5a0aba

Fixed

4c27da7638f6d072c3ff93223488c4ab316236c1

Ecosystem specific

{
    "severity": "MEDIUM"
}

Database specific

source

"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/harfbuzz/OSV-2018-185.yaml"