OSV-2020-1597

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libavif/OSV-2020-1597.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2020-1597
Published
2020-08-12T00:00:12.469996Z
Modified
2022-04-13T03:29:21.202851Z
Summary
UNKNOWN WRITE in avifDecoderDataFillImageGrid
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24811

Crash type: UNKNOWN WRITE
Crash state:
avifDecoderDataFillImageGrid
avifDecoderNextImage
avif_decode_fuzzer.cc
References

Affected packages

OSS-Fuzz / libavif

Package

Name
libavif
Purl
pkg:generic/libavif

Affected ranges

Type
GIT
Repo
https://github.com/AOMediaCodec/libavif.git
Events
Introduced
9c5f5653d1b08b1fd75b4af3fe8ed9c4a2ce0563
Fixed
0a8e7244d494ae98e9756355dfbfb6697ded2ff9
Fixed
4cfee6282b97533e6c99183ddf7a897173755c69

Affected versions

v0.*

v0.8.0
v0.8.1

Ecosystem specific 

{
    "severity": "HIGH"
}

Database specific 

{
    "fixed_range": "c14d7fe55b0721cc7def752054cad10e2754521c:4cfee6282b97533e6c99183ddf7a897173755c69"
}