OSV-2021-677

Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/grok/OSV-2021-677.yaml
Published
2021-04-23T00:00:13.554175Z
Modified
2022-09-24T00:28:32.357208Z
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33544

Crash type: Heap-buffer-overflow WRITE 16
Crash state:
grk::FileFormatDecompress::apply_palette_clr
grk::FileFormatDecompress::applyColour
grk_decompress_fuzzer.cpp
References

Affected packages

OSS-Fuzz / grok

grok

Affected ranges

Affected versions

v10.*

v10.0.0
v10.0.0.debian
v10.0.1
v10.0.2
v10.0.3
v10.0.4

v7.*

v7.6.6
v7.6.6-3
v7.6.6.debian

v8.*

v8.0.0
v8.0.1
v8.0.2
v8.0.3

v9.*

v9.0.0
v9.1.0
v9.2.0
v9.3.0
v9.4.0
v9.5.0
v9.5.0.debian
v9.6.0
v9.7.0
v9.7.1
v9.7.2
v9.7.3
v9.7.4
v9.7.4.debian
v9.7.5
v9.7.5.debian
v9.7.6
v9.7.7
v9.7.8

Ecosystem specific

{
    "severity": "HIGH"
}