OSV-2021-1228

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/dav1d/OSV-2021-1228.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2021-1228
Published
2021-09-12T00:00:08.147879Z
Modified
2022-04-13T03:04:39.812193Z
Summary
Heap-buffer-overflow in backup_lpf
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=38369

Crash type: Heap-buffer-overflow READ {*}
Crash state:
backup_lpf
dav1d_lr_copy_lpf_16bpc
dav1d_filter_sbrow_deblock_rows_16bpc
References

Affected packages

OSS-Fuzz / dav1d

Package

Name
dav1d
Purl
pkg:generic/dav1d

Affected ranges

Type
GIT
Repo
https://code.videolan.org/videolan/dav1d.git
Events
Introduced
e53314177a5a45a1c1c907464b19ade625d110a6
Fixed
69ff474a7f3a7ccc61c5e6881e45e0afe693f352

Ecosystem specific 

{
    "severity": "MEDIUM"
}