OSV-2024-456

Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libavc/OSV-2024-456.yaml
Published
2024-05-09T00:08:35.451422Z
Modified
2024-05-09T00:08:35.451771Z
Summary
Heap-buffer-overflow in ih264d_read_coeff4x4_cabac
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66989

Crash type: Heap-buffer-overflow READ 4
Crash state:
ih264d_read_coeff4x4_cabac
ih264d_parse_residual4x4_cabac
ih264d_parse_imb_cabac
References

Affected packages

OSS-Fuzz / libavc

Package

Name
libavc

Affected ranges

Type
GIT
Repo
https://github.com/ittiam-systems/libavc.git
Events

Affected versions

v1.*

v1.4.0

Ecosystem specific

{
    "severity": "MEDIUM"
}

Database specific

{
    "introduced_range": "972c0aa711cadabb686fa75f95559cfd2c4ad316:37beb9729249a1cde472545e2a19d80660e40edc"
}