OSV-2021-1015

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libwebp/OSV-2021-1015.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2021-1015

Published

2021-07-16T00:00:06.429201Z

Modified

2022-04-13T03:04:41.769854Z

Summary

Dynamic-stack-buffer-overflow in VP8SetSegmentParams

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=36191

Crash type: Dynamic-stack-buffer-overflow WRITE {*}
Crash state:
VP8SetSegmentParams
SetLoopParams
OneStatPass

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=36191

Affected packages

OSS-Fuzz / libwebp

Package

Name: libwebp
Purl: pkg:generic/libwebp

Affected ranges

Type: GIT
Repo: https://chromium.googlesource.com/webm/libwebp
Events: Introduced

8f5946634ec513ff11e62baeacdb1c5b17408e69

Fixed

26f4aa01153d7bdf182630e5eb410ea5685d9cff

Fixed

8ea81561d2fdd382da60f57958741a7c23a18eb6

Ecosystem specific

{
    "severity": null
}

Database specific

{
    "fixed_range": "26f4aa01153d7bdf182630e5eb410ea5685d9cff:8ea81561d2fdd382da60f57958741a7c23a18eb6",
    "introduced_range": "46d844e6cf0f5895e96be619d637e11b9077128d:26f4aa01153d7bdf182630e5eb410ea5685d9cff"
}