OSV-2023-377

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/harfbuzz/OSV-2023-377.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2023-377

Published

2023-05-07T14:00:31.978521Z

Modified

2023-05-07T14:00:31.978773Z

Summary

UNKNOWN WRITE in bool OT::Layout::Common::CoverageFormat2_4<OT::Layout::MediumTypes>::serialize<h

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=58671

Crash type: UNKNOWN WRITE
Crash state:
bool OT::Layout::Common::CoverageFormat2_4<OT::Layout::MediumTypes>::serialize&lt;h
bool OT::Layout::Common::Coverage::serialize&lt;hb_sorted_array_t&lt;unsigned int cons
OT::Layout::GSUB_impl::AlternateSubstFormat1_2<OT::Layout::SmallTypes>::subset

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=58671

Affected packages

OSS-Fuzz / harfbuzz

Package

Name: harfbuzz
Purl: pkg:generic/harfbuzz

Affected ranges

Type: GIT
Repo: https://github.com/harfbuzz/harfbuzz.git
Events: Introduced

1be39729140a6d726de164746e516c1fe5afcb19

Fixed

cda646a598207642721b753ef5abcebb2525f61b

Ecosystem specific

{
    "severity": "HIGH"
}