OSV-2022-1122

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/kimageformats/OSV-2022-1122.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2022-1122
Published
2022-10-31T00:02:41.800433Z
Modified
2022-10-31T00:02:41.800685Z
Summary
Heap-buffer-overflow in LibRaw::phase_one_correct
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=52887

Crash type: Heap-buffer-overflow READ 4
Crash state:
LibRaw::phase_one_correct
LibRaw::raw2image_ex
LibRaw::dcraw_process
References

Affected packages

OSS-Fuzz / kimageformats

Package

Name
kimageformats
Purl
pkg:generic/kimageformats

Affected ranges

Type
GIT
Repo
https://invent.kde.org/frameworks/kimageformats.git
Events
Introduced
d881a7bbb1562af383bbb6ca20340ad739fb0d13
Fixed
8586bb47193aebecab2f84ff531beaaeaa7bf93c

Affected versions

v5.*

v5.99.0
v5.99.0-rc1

Ecosystem specific 

{
    "severity": "MEDIUM"
}