OSV-2024-965

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/flac/OSV-2024-965.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2024-965
Published
2024-08-16T00:14:23.665242Z
Modified
2024-08-16T00:14:23.665768Z
Summary
Stack-buffer-overflow in FLAC__stream_encoder_init_ogg_file
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42537419

Crash type: Stack-buffer-overflow READ 13
Crash state:
FLAC__stream_encoder_init_ogg_file
EncoderSession_init_encoder
flac__encode_file
References

Affected packages

OSS-Fuzz / flac

Package

Name
flac
Purl
pkg:generic/flac

Affected ranges

Type
GIT
Repo
https://github.com/xiph/flac.git
Events
Introduced
33b9a4a765376aad75436b61c5509f0097368167
Fixed
86d6de66a406b66271811a7d2ce35bd684682dae

Ecosystem specific 

{
    "severity": "MEDIUM"
}

Database specific 

{
    "introduced_range": "215d1aa633b218ae16bfc1b09aed6f3f7a22d19e:ce9105664419f542c757c05b28ffd6537d19f63c"
}