OSV-2023-1295

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libraw/OSV-2023-1295.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2023-1295
Published
2023-12-14T00:03:32.723059Z
Modified
2023-12-14T00:03:32.723513Z
Summary
Global-buffer-overflow in libraw_tagtype_dataunit_bytes
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65027

Crash type: Global-buffer-overflow READ 4
Crash state:
libraw_tagtype_dataunit_bytes
checked_buffer_t::tiff_sget
LibRaw::parseSonySR2
References

Affected packages

OSS-Fuzz / libraw

Package

Name
libraw
Purl
pkg:generic/libraw

Affected ranges

Type
GIT
Repo
https://github.com/libraw/libraw
Events
Introduced
4c954948ba2de262b9cb23a1843fb8651aa3dcc1
Fixed
a6f212a4a1fe19dce1f83c83384f171fd7babb0a
Fixed
62f0423663f2fdfd46eedecd4690e39fa899d0a6

Affected versions

0.*

0.21-Beta1
0.21.0
0.21.1

Ecosystem specific 

{
    "severity": null
}