OSV-2020-546

Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libavc/OSV-2020-546.yaml
Published
2020-07-01T00:00:16.058420Z
Modified
2022-04-13T03:23:55.649834Z
Summary
Heap-buffer-overflow in ih264d_decode_slice_thread
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18960

Crash type: Heap-buffer-overflow READ 8
Crash state:
ih264d_decode_slice_thread
ih264d_decode_picture_thread
start_thread
References

Affected packages

OSS-Fuzz / libavc

Package

Name
libavc

Affected ranges

Type
GIT
Repo
https://android.googlesource.com/platform/external/libavc
Events
Introduced
82b7f933f46c179fb062f538271b966d938a3e38
Fixed
c0215b1b3de1f40da5e5f5138422da012bcc89ae
Fixed
6dd54b9e180c838c82767878d10c9615af2c5866

Affected versions

android-10.*

android-10.0.0_r12
android-10.0.0_r13
android-10.0.0_r14
android-10.0.0_r7
android-10.0.0_r8
android-10.0.0_r9

android-mainline-10.*

android-mainline-10.0.0_r4

Other

android-r-preview-1
android-r-preview-2
android-r-preview-3
android-r-preview-4

platform-tools-29.*

platform-tools-29.0.6

platform-tools-30.*

platform-tools-30.0.0
platform-tools-30.0.1
platform-tools-30.0.2
platform-tools-30.0.3

Ecosystem specific 

{
    "severity": "MEDIUM"
}