OSV-2020-876

Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/kimageformats/OSV-2020-876.yaml
Published
2020-07-14T22:13:55.541274Z
Modified
2022-12-04T00:11:17.714379Z
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=21783

Crash type: Use-of-uninitialized-value
Crash state:
XCFImageFormat::mergeRGBToRGB
XCFImageFormat::mergeLayerIntoImage
XCFImageFormat::loadLayer
References

Affected packages

OSS-Fuzz / kimageformats

kimageformats

Affected ranges

Type
GIT
Events
Introduced
c60e77c048d32ccf743cec695743b77b2b25dc87

Affected versions

v5.*

v5.100.0-rc1
v5.101.0-rc1
v5.70.0
v5.70.0-rc1
v5.71.0
v5.71.0-rc1
v5.71.0-rc2
v5.72.0
v5.72.0-rc1
v5.73.0
v5.73.0-rc1
v5.74.0
v5.74.0-rc1
v5.75.0
v5.75.0-rc1
v5.76.0
v5.76.0-rc1
v5.77.0
v5.77.0-rc1
v5.78.0
v5.78.0-rc1
v5.79.0
v5.79.0-rc1
v5.79.0-rc2
v5.80.0
v5.80.0-rc1
v5.81.0
v5.81.0-rc1
v5.81.0-rc2
v5.82.0
v5.82.0-rc1
v5.82.0-rc2
v5.83.0
v5.83.0-rc1
v5.84.0-rc1
v5.85.0
v5.85.0-rc1
v5.86.0
v5.86.0-rc1
v5.87.0
v5.87.0-rc1
v5.88.0
v5.88.0-rc1
v5.89.0
v5.89.0-rc1
v5.90.0
v5.90.0-rc1
v5.91.0
v5.91.0-rc1
v5.92.0
v5.92.0-rc1
v5.93.0
v5.93.0-rc1
v5.94.0
v5.94.0-rc1
v5.95.0
v5.95.0-rc1
v5.96.0
v5.96.0-rc1
v5.97.0
v5.97.0-rc1
v5.98.0
v5.98.0-rc1
v5.99.0
v5.99.0-rc1

Ecosystem specific

{
    "severity": "MEDIUM"
}