OSV-2024-1124

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libavc/OSV-2024-1124.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2024-1124
Published
2024-09-21T00:14:26.784483Z
Modified
2025-01-31T14:23:52.455197Z
Summary
Heap-buffer-overflow in ih264d_read_coeff4x4_cabac
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42538616

Crash type: Heap-buffer-overflow READ 4
Crash state:
ih264d_read_coeff4x4_cabac
ih264d_cabac_parse_8x8block
ih264d_parse_residual4x4_cabac
References

Affected packages

OSS-Fuzz / libavc

Package

Name
libavc
Purl
pkg:generic/libavc

Affected ranges

Type
GIT
Repo
https://github.com/ittiam-systems/libavc.git
Events
Introduced
0e723489615b8f81d9d5a7f823969eb91787d636
Fixed
3916f3eea4a89090d017aa04981022e1cb49f207

Affected versions

v1.*
v1.4.0
v1.5.0
v1.6.0

Ecosystem specific 

{
    "severity": "MEDIUM"
}

Database specific

fixed_range 
"ba74b083b43228c5472dfd7f01580204513ad8df:3916f3eea4a89090d017aa04981022e1cb49f207"
introduced_range 
"972c0aa711cadabb686fa75f95559cfd2c4ad316:37beb9729249a1cde472545e2a19d80660e40edc"
source 
"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libavc/OSV-2024-1124.yaml"