OSV-2026-649

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/gdal/OSV-2026-649.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2026-649

Published

2026-04-29T00:10:47.581403Z

Modified

2026-04-29T00:10:47.581821Z

Summary

Container-overflow in OGRGeometryFactory::organizePolygons

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=506932597

Crash type: Container-overflow WRITE 1
Crash state:
OGRGeometryFactory::organizePolygons
OGRCreateFromShapeBin
OpenFileGDB::FileGDBOGRGeometryConverterImpl::CreateCurveGeometry

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=506932597

Affected packages

OSS-Fuzz / gdal

Package

Name: gdal
Purl: pkg:generic/gdal

Affected ranges

Type: GIT
Repo: https://github.com/OSGeo/gdal
Events: Introduced

339a7cd81254ac672731bd96f55d6c3efb317f55

Fixed

56693e879efeff2524e82f37f1d6dea168df627d

Fixed

d4c7037e116aaa298847c22e5c0328e9a009fc3c

Ecosystem specific

{
    "severity": "HIGH"
}

Database specific

fixed_range

"2e455ba777d3f0dc1bac7892211350939f6da269:d4c7037e116aaa298847c22e5c0328e9a009fc3c"

introduced_range

"44534a4a979eed0d133d1782c98f6b313456ae71:2e455ba777d3f0dc1bac7892211350939f6da269"

source

"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/gdal/OSV-2026-649.yaml"