OSV-2022-339

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/ghostscript/OSV-2022-339.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2022-339

Published

2022-04-14T00:00:06.038155Z

Modified

2022-04-14T00:00:06.038429Z

Summary

Heap-use-after-free in gc_trace

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=46672

Crash type: Heap-use-after-free READ 2
Crash state:
gc_trace
gs_gc_reclaim
ireclaim

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=46672

Affected packages

OSS-Fuzz / ghostscript

Package

Name: ghostscript
Purl: pkg:generic/ghostscript

Affected ranges

Type: GIT
Repo: git://git.ghostscript.com/ghostpdl.git
Events: Introduced

f75e9fa8a5bdf6ed8ea8ea5ea86f0834236c7da5

Fixed

9adc7cda128a8494b2657901707bbd94367a125b

Fixed

2b8ac667b8eba0a7f828341bc4262693d7e47b96

Ecosystem specific

{
    "severity": "HIGH"
}

Database specific

{
    "introduced_range": "03c264eb8ba86d43caa678d0c6cd928eabefa5ab:2125cee36a52f623e410d6422693f3125a152145",
    "fixed_range": "1a18793a02e1dab7676d594366b93847fde6fe44:2b8ac667b8eba0a7f828341bc4262693d7e47b96"
}