OSV-2023-1206

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libavc/OSV-2023-1206.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2023-1206
Published
2023-11-24T13:00:18.041607Z
Modified
2023-11-24T13:00:18.041977Z
Summary
Heap-buffer-overflow in ih264d_format_convert
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=64432

Crash type: Heap-buffer-overflow WRITE {*}
Crash state:
ih264d_format_convert
isvcd_video_decode
isvcd_api_function
References

Affected packages

OSS-Fuzz / libavc

Package

Name
libavc
Purl
pkg:generic/libavc

Affected ranges

Type
GIT
Repo
https://github.com/ittiam-systems/libavc.git
Events
Introduced
b2a61a152a5e83b3419212e8d15a10d4488e51d9
Fixed
3cc9ff94db44f8739905d8ea9bff1723c19c2745

Affected versions

v1.*

v1.1.1
v1.2.0
v1.3.0

Ecosystem specific 

{
    "severity": "HIGH"
}

Database specific 

{
    "fixed_range": "82f4e69094b7d6e4200d14ba64ac9937f337710d:3cc9ff94db44f8739905d8ea9bff1723c19c2745"
}