OSV-2021-1510

Import Source

JSON Data

https://api.osv.dev/v1/vulns/OSV-2021-1510

Published

2021-10-30T00:01:37.386031Z

Modified

2022-04-13T03:04:41.838573Z

Summary

Heap-buffer-overflow in WriteRingBuffer

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=40449

Crash type: Heap-buffer-overflow WRITE {*}
Crash state:
WriteRingBuffer
BrotliDecoderDecompressStream
jxl::JxlBoxContentDecoder::Process

References

Affected packages

Type: GIT
Repo: https://github.com/libjxl/libjxl.git
Events: Introduced

f0b9147ee57805c4ab45abdf8d72e2da9c5a951c

Fixed

aa62a07ffd86d19c55e15f3c5c10ba377e069289

{
    "severity": "HIGH"
}

{
    "fixed_range": "35ad5de736b3f1ea9784113e2e30ea424c251616:aa62a07ffd86d19c55e15f3c5c10ba377e069289"
}