OSV-2022-874

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/lcms/OSV-2022-874.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2022-874
Published
2022-09-10T00:00:51.813984Z
Modified
2022-09-10T00:00:51.814238Z
Summary
UNKNOWN WRITE in from8to16
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51128

Crash type: UNKNOWN WRITE
Crash state:
from8to16
_cmsHandleExtraChannels
CachedXFORM
References

Affected packages

OSS-Fuzz / lcms

Package

Name
lcms
Purl
pkg:generic/lcms

Affected ranges

Type
GIT
Repo
https://github.com/mm2/Little-CMS.git
Events
Introduced
ad121a18594e496d0b76328d08403ea0bd304183
Fixed
caab4c07e60022a0f776b543eaa30785e2bb42ed

Affected versions

lcms2.*

lcms2.14
lcms2.14rc1

Ecosystem specific 

{
    "severity": "HIGH"
}

Database specific 

{
    "introduced_range": "991713e8456e62de82793e0594997fe997045431:be25a63be953dbfeef41cfec42550739ba74ea63"
}