OSV-2021-504

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libavc/OSV-2021-504.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2021-504

Published

2021-03-07T00:00:59.495834Z

Modified

2022-04-13T03:04:35.458691Z

Summary

Heap-buffer-overflow in ih264d_mark_err_slice_skip

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31757

Crash type: Heap-buffer-overflow WRITE 8
Crash state:
ih264d_mark_err_slice_skip
ih264d_video_decode
ih264d_api_function

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31757

Affected packages

OSS-Fuzz / libavc

Package

Name: libavc
Purl: pkg:generic/libavc

Affected ranges

Type: GIT
Repo: https://android.googlesource.com/platform/external/libavc
Events: Introduced

6efeedf0633e1965a4d4e17d64f14215e9b6d48f

Fixed

fa13b3087684ffefd82d61c34e61714881674cd3

Fixed

a88e0683a420d7ee9aa4b6f41f94cb8dc0c5e040

Affected versions

android-11.*

android-11.0.0_r18

android-11.0.0_r19

android-11.0.0_r20

android-11.0.0_r21

android-11.0.0_r22

android-11.0.0_r23

android-11.0.0_r24

android-11.0.0_r26

android-11.0.0_r27

android-11.0.0_r28

android-11.0.0_r29

android-11.0.0_r38

android-11.0.0_r39

android-11.0.0_r40

android-11.0.0_r43

android-11.0.0_r46

android-12.*

android-12.0.0_r1

android-12.0.0_r10

android-12.0.0_r11

android-12.0.0_r12

android-12.0.0_r13

android-12.0.0_r14

android-12.0.0_r15

android-12.0.0_r2

android-12.0.0_r3

android-12.0.0_r4

android-12.0.0_r5

android-12.0.0_r6

android-12.0.0_r7

android-12.0.0_r8

android-12.0.0_r9

android-cts-12.*

android-cts-12.0_r1

android-mainline-11.*

android-mainline-11.0.0_r15

android-mainline-11.0.0_r23

android-mainline-11.0.0_r35

android-mainline-11.0.0_r44

android-platform-12.*

android-platform-12.0.0_r1

Other

android-s-beta-1

android-s-beta-2

android-s-beta-3

android-s-beta-4

android-s-beta-5

android-s-preview-1

android-s-v2-preview-1

android-vts-12.*

android-vts-12.0_r1

platform-tools-29.*

platform-tools-29.0.1

platform-tools-29.0.2

platform-tools-29.0.3

platform-tools-29.0.4

platform-tools-29.0.5

platform-tools-29.0.6

platform-tools-30.*

platform-tools-30.0.0

platform-tools-30.0.1

platform-tools-30.0.2

platform-tools-30.0.3

platform-tools-30.0.4

platform-tools-30.0.5

platform-tools-31.*

platform-tools-31.0.0

platform-tools-31.0.1

platform-tools-31.0.2

platform-tools-31.0.3

Ecosystem specific

{
    "severity": "HIGH"
}

Database specific

source

"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libavc/OSV-2021-504.yaml"