OSV-2024-144

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/spirv-tools/OSV-2024-144.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2024-144

Published

2024-02-29T00:12:28.292465Z

Modified

2024-04-23T14:17:09.435427Z

Summary

UNKNOWN READ in spvtools::val::ValidateAccessChain

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66956

Crash type: UNKNOWN READ
Crash state:
spvtools::val::ValidateAccessChain
spvtools::val::MemoryPass
spvtools::val::ValidateBinaryUsingContextAndValidationState

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66956

Affected packages

OSS-Fuzz / spirv-tools

Package

Name: spirv-tools
Purl: pkg:generic/spirv-tools

Affected ranges

Type: GIT
Repo: https://github.com/KhronosGroup/SPIRV-Tools.git
Events: Introduced

1b643eac5d4062bbec48b912a1332e6909802479

Fixed

fbc7a14b3e5e494113a464bbfafc48b94516446a

Ecosystem specific

{
    "severity": "MEDIUM"
}

Database specific

{
    "fixed_range": "99a3ad32ffbf35797ca079537940bb5c870ebaaf:fbc7a14b3e5e494113a464bbfafc48b94516446a"
}