OSV-2026-895

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libhevc/OSV-2026-895.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2026-895
Published
2026-06-10T00:07:09.972504Z
Modified
2026-06-10T00:07:09.972922Z
Summary
Heap-buffer-overflow in ihevcd_fmt_conv
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=521437880

Crash type: Heap-buffer-overflow WRITE 8
Crash state:
ihevcd_fmt_conv
ihevcd_process_thread
start_thread
References

Affected packages

OSS-Fuzz / libhevc

Package

Name
libhevc
Purl
pkg:generic/libhevc

Affected ranges

Type
GIT
Repo
https://github.com/ittiam-systems/libhevc.git
Events
Introduced
f6ef16b0f9f74f5d15843ca336c098c93b18aac6
Fixed
57d79be23a349723cb419600b190e85f0dd99357

Ecosystem specific 

{
    "severity": "HIGH"
}

Database specific

introduced_range 
"1f0d11ce8f1a5ac141dc6a8d235d6338f46e24a4:1fac8cc5fea9acf88fce10fdd4481e103724ef59"
source 
"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libhevc/OSV-2026-895.yaml"