OSV-2024-456

Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libavc/OSV-2024-456.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2024-456
Published
2024-05-09T00:08:35.451422Z
Modified
2024-05-27T14:02:56.983104Z
Summary
Heap-buffer-overflow in ih264d_read_coeff4x4_cabac
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66989

Crash type: Heap-buffer-overflow READ 4
Crash state:
ih264d_read_coeff4x4_cabac
ih264d_parse_residual4x4_cabac
ih264d_parse_imb_cabac
References

Affected packages

OSS-Fuzz / libavc

Package

Name
libavc
Purl
pkg:generic/libavc

Affected ranges

Type
GIT
Repo
https://github.com/ittiam-systems/libavc.git
Events

Affected versions

v1.*

v1.4.0

Ecosystem specific

{
    "severity": "MEDIUM"
}

Database specific

{
    "introduced_range": "972c0aa711cadabb686fa75f95559cfd2c4ad316:37beb9729249a1cde472545e2a19d80660e40edc",
    "fixed_range": "828cdb77ba434eb11ce19f7f0d4482e744b27064:72315c11ac595a73d3b629cc36647327156d5875"
}