OSV-2023-800
See a problem?- Import Source
- https://github.com/google/oss-fuzz-vulns/blob/main/vulns/kimageformats/OSV-2023-800.yaml
- JSON Data
- https://api.osv.dev/v1/vulns/OSV-2023-800
- Published
- 2023-09-07T14:00:27.693270Z
- Modified
- 2024-12-13T14:20:16.798562Z
- Summary
- Heap-buffer-overflow in XCFImageFormat::loadTileRLE
- Details
-
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62098
Crash type: Heap-buffer-overflow WRITE 1 Crash state: XCFImageFormat::loadTileRLE XCFImageFormat::loadLevel XCFImageFormat::loadHierarchy - References
Affected packages
OSS-Fuzz / kimageformats
Package
- Name
- kimageformats
- Purl
- pkg:generic/kimageformats
Affected ranges
- Type
- GIT
- Repo
- https://invent.kde.org/frameworks/kimageformats.git
- Events
-
Introducedbcec942cc92e0968c724a2c1f92b4cd048bf8fa7Introduced4badb3088e90d86208ed6bd435df7fe6a022be64
Affected versions
v5.*
v5.110.0
v5.110.0-rc1
v5.111.0
v5.111.0-rc1
v5.112.0
v5.112.0-rc1
v5.113.0
v5.113.0-rc1
v5.114.0
v5.114.0-rc1
v5.115.0
v5.115.0-rc1
v5.116.0
v5.116.0-rc1
v5.245.0
v5.246.0
v5.247.0
v5.248.0
v5.249.0
v6.*
v6.0.0
v6.1.0
v6.2.0
v6.3.0
v6.3.0-rc1
v6.4.0
v6.4.0-rc1
v6.5.0
v6.5.0-rc1
v6.6.0
v6.6.0-rc1
v6.7.0
v6.7.0-rc1
v6.8.0
v6.8.0-rc1
v6.9.0
v6.9.0-rc1