OSV-2022-243

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/grok/OSV-2022-243.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2022-243
Published
2022-03-15T00:00:45.636919Z
Modified
2022-04-13T03:04:39.523343Z
Summary
Heap-buffer-overflow in grk::PacketIter::next_pcrl
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=45537

Crash type: Heap-buffer-overflow READ 1
Crash state:
grk::PacketIter::next_pcrl
grk::T2Decompress::decompressPackets
grk::TileProcessor::decompressT2
References

Affected packages

OSS-Fuzz / grok

Package

Name
grok
Purl
pkg:generic/grok

Affected ranges

Type
GIT
Repo
https://github.com/GrokImageCompression/grok.git
Events
Introduced
7113ab221774f06eee06a361cfb0870b572fe0dd
Fixed
f33b49fa40b0abad23f25d2c8a74794bccd22a53

Affected versions

v9.*

v9.7.2
v9.7.3
v9.7.4

Ecosystem specific 

{
    "severity": "MEDIUM"
}