OSV-2024-80

Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/ghostscript/OSV-2024-80.yaml
Published
2024-02-07T00:03:02.923052Z
Modified
2024-02-23T14:44:23.226556Z
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66455

Crash type: Stack-buffer-overflow WRITE 4
Crash state:
line_join_points
stroke_add_compat
gx_stroke_path_only
References

Affected packages

OSS-Fuzz / ghostscript

Package

Name
ghostscript

Affected ranges

Type
GIT
Repo
git://git.ghostscript.com/ghostpdl.git
Events
Introduced
ee290c1aebaa172c812f21024af2dbf721fa5865
Introduced
eb9fc0106d45d1ce81ab2c4ae1a3d6e90a8c0164

Affected versions

ghostpdl-10.*

ghostpdl-10.0.0
ghostpdl-10.0.0rc2
ghostpdl-10.01.0
ghostpdl-10.01.0rc1
ghostpdl-10.01.0rc2
ghostpdl-10.01.1
ghostpdl-10.01.1-gse-10174
ghostpdl-10.01.2
ghostpdl-10.02.0
ghostpdl-10.02.0-test-base-001
ghostpdl-10.02.0rc1
ghostpdl-10.02.0rc2
ghostpdl-10.02.1
ghostpdl-10.03.0rc1
ghostpdl-10.03.0rc1_test
ghostpdl-10.03.0rc1_test002
ghostpdl-10.03.0rc1_test003

Ecosystem specific

{
    "severity": "HIGH"
}

Database specific

{
    "introduced_range": "19c421c10385b89da8564d664c2c5679c7558035:1f56d7736465c45a2785d6bb3db1c37289599b40"
}