OSV-2020-1285

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libhevc/OSV-2020-1285.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2020-1285

Published

2020-07-22T21:50:02.950786Z

Modified

2023-02-24T01:30:44.196020Z

Summary

Use-of-uninitialized-value in ihevc_deblk_luma_vert_ssse3

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=17009

Crash type: Use-of-uninitialized-value
Crash state:
ihevc_deblk_luma_vert_ssse3
ihevcd_deblk_ctb
ihevcd_process

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=17009

Affected packages

OSS-Fuzz / libhevc

Package

Name: libhevc
Purl: pkg:generic/libhevc

Affected ranges

Type: GIT
Repo: https://android.googlesource.com/platform/external/libhevc
Events: Introduced

d28f2210ee8e65afdfb07a1fd6582285d3d178e0

Fixed

4d36db275bb4d0abc410415f6d8f5af4bc179102

Affected versions

android-10.*

android-10.0.0_r12

android-10.0.0_r13

android-10.0.0_r14

android-10.0.0_r30

android-10.0.0_r31

android-10.0.0_r32

android-10.0.0_r33

android-10.0.0_r34

android-10.0.0_r35

android-10.0.0_r36

android-10.0.0_r7

android-10.0.0_r8

android-10.0.0_r9

android-mainline-10.*

android-mainline-10.0.0_r10

android-mainline-10.0.0_r11

android-mainline-10.0.0_r12

android-mainline-10.0.0_r13

android-mainline-10.0.0_r5

android-mainline-10.0.0_r6

android-mainline-10.0.0_r7

android-mainline-10.0.0_r8

android-mainline-10.0.0_r9

android-mainline-12.*

android-mainline-12.0.0_r111

android-mainline-12.0.0_r54

platform-tools-29.*

platform-tools-29.0.5

Other

q_tzdata_aml_294400310

q_tzdata_aml_295500001

q_tzdata_aml_295500002

q_tzdata_aml_295600110

Ecosystem specific

{
    "severity": "MEDIUM",
    "introduced_range": "unknown:d28f2210ee8e65afdfb07a1fd6582285d3d178e0"
}

Database specific

source

"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libhevc/OSV-2020-1285.yaml"