OSV-2018-227

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/librawspeed/OSV-2018-227.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2018-227

Published

2021-01-13T00:01:34.025512Z

Modified

2022-04-13T03:04:36.493923Z

Summary

Heap-buffer-overflow in rawspeed::TableLookUp::setTable

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5256

Crash type: Heap-buffer-overflow WRITE 2
Crash state:
rawspeed::TableLookUp::setTable
rawspeed::RawImageData::setTable
rawspeed::DngDecoder::handleMetadata

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5256

Affected packages

OSS-Fuzz / librawspeed

Package

Name: librawspeed
Purl: pkg:generic/librawspeed

Affected ranges

Type: GIT
Repo: https://github.com/darktable-org/rawspeed.git
Events: Introduced

23d5018f6b231d62daa6543094a85747beb9654a

Fixed

dbe7591e54bad5e6430d38be6bed051582da76b9

Affected versions

v3.*

v3.1

Ecosystem specific

{
    "severity": "HIGH",
    "introduced_range": "f0e9f60474d98883ab9343f584b73ca046263679:52da2b8fda29aa257088d91fb11877f909d578a2",
    "fixed_range": "212b7a8ea10acaaf722509e291ed1f59df8010df:dbe7591e54bad5e6430d38be6bed051582da76b9"
}