OSV-2021-803

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/ghostscript/OSV-2021-803.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2021-803
Published
2021-05-27T00:01:05.378775Z
Modified
2023-02-24T01:39:10.148952Z
Summary
Heap-buffer-overflow in sampled_data_finish
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=34675

Crash type: Heap-buffer-overflow WRITE 16
Crash state:
sampled_data_finish
sampled_data_continue
interp
References

Affected packages

OSS-Fuzz / ghostscript

Package

Name
ghostscript
Purl
pkg:generic/ghostscript

Affected ranges

Type
GIT
Repo
git://git.ghostscript.com/ghostpdl.git
Events
Introduced
45e765e59a45b46dcb05e8c729689a7c0574a48c
Fixed
2a3129365d3bc0d4a41f107ef175920d1505d1f7
Fixed
9d6e533f6486fe3fd0a6e29b23d1811361adf904

Affected versions

ghostpdl-9.*

ghostpdl-9.28rc1
ghostpdl-9.28rc2
ghostpdl-9.28rc3
ghostpdl-9.28rc4
ghostpdl-9.50
ghostpdl-9.51
ghostpdl-9.51rc1
ghostpdl-9.51rc2
ghostpdl-9.51rc2_test
ghostpdl-9.51rc2_test2
ghostpdl-9.51rc3
ghostpdl-9.52
ghostpdl-9.52-test-base-1
ghostpdl-9.52-test-base-3
ghostpdl-9.52-test-base-4
ghostpdl-9.52.1
ghostpdl-9.53.0
ghostpdl-9.53.0-test-base-0
ghostpdl-9.53.0rc1
ghostpdl-9.53.0rc2
ghostpdl-9.53.1
ghostpdl-9.53.2
ghostpdl-9.53.3
ghostpdl-9.54.0
ghostpdl-9.54.0-test-base-0
ghostpdl-9.54.0rc1_test

ghostscript-9.*

ghostscript-9.50
ghostscript-9.51
ghostscript-9.52

Other

gpdf_alpha1

gs9.*

gs9.28-temp-for-testing-tag

rjj_9.*

rjj_9.53.2_test

Ecosystem specific

{
    "severity": "HIGH",
    "introduced_range": "f209fb3a0f50cd0a9974d8627a4ac7f358f60c8a:470897e484fb0bfaa8553e0ccd5b9db91eda008b"
}

Database specific

{
    "fixed_range": "25b8457be76ba09c2380e5058ca4878e1a7f5ee8:9d6e533f6486fe3fd0a6e29b23d1811361adf904"
}