OSV-2018-85

Import Source

JSON Data

https://api.osv.dev/v1/vulns/OSV-2018-85

Published

2021-01-13T00:00:39.442989Z

Modified

2022-04-13T03:04:39.817392Z

Summary

Heap-buffer-overflow in put_8tap_scaled_c

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11378

Crash type: Heap-buffer-overflow READ 2
Crash state:
put_8tap_scaled_c
put_8tap_sharp_scaled_c
mc

References

Affected packages

Type: GIT
Repo: https://code.videolan.org/videolan/dav1d.git
Events: Introduced

7ef74ca1005785f0791874d52217aecc76f190cd

Fixed

66adb457af2bedc1280af147047c64683834d939

Fixed

a6b94ca9e5cded0070419a02d9cadaa5f45b2d0d

{
    "severity": "MEDIUM",
    "introduced_range": "4a646a0ca25a22a809bfcb743332f6b6646d86a3:ec53ec6d5b4ebbb06d5c7209fd4f25634a6ad606"
}

fixed_range

"ec53ec6d5b4ebbb06d5c7209fd4f25634a6ad606:a6b94ca9e5cded0070419a02d9cadaa5f45b2d0d"

source

"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/dav1d/OSV-2018-85.yaml"