OSV-2024-535

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/spirv-tools/OSV-2024-535.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2024-535

Published

2024-06-06T00:00:55.007699Z

Modified

2024-06-25T14:21:53.898093Z

Summary

Use-of-uninitialized-value in spvTextEncodeOperand

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69388

Crash type: Use-of-uninitialized-value
Crash state:
spvTextEncodeOperand
spvTextEncodeOpcode
spvTextToBinaryWithOptions

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69388

Affected packages

OSS-Fuzz / spirv-tools

Package

Name: spirv-tools
Purl: pkg:generic/spirv-tools

Affected ranges

Type: GIT
Repo: https://github.com/KhronosGroup/SPIRV-Tools.git
Events: Introduced

7e1a8cdc534093862cc369bb9f398f919c105684

Fixed

6a2bdeee75eb35e5349c6993d33c9afe30237d79

Ecosystem specific

{
    "severity": "MEDIUM"
}

Database specific

{
    "introduced_range": "3d24089292ed357658e3de81ddc2e72f11296e39:142bf7de83b550b549b4049eb1f3dcb2ff007ec1",
    "fixed_range": "4a2e0c9b3663d1bacc91821ae5699965bff4e5e9:6a2bdeee75eb35e5349c6993d33c9afe30237d79"
}