osv-2022-363
Vulnerability from osv_ossfuzz
Published
2022-04-21 00:01
Modified
2022-07-30 00:11
Summary
Heap-use-after-free in dwg_free_TABLEGEOMETRY_private
Details
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=46847
Crash type: Heap-use-after-free READ 8
Crash state:
dwg_free_TABLEGEOMETRY_private
dwg_free_TABLEGEOMETRY
dwg_free_variable_no_class
{
"affected": [
{
"ecosystem_specific": {
"severity": "MEDIUM"
},
"package": {
"ecosystem": "OSS-Fuzz",
"name": "libredwg",
"purl": "pkg:generic/libredwg"
},
"ranges": [
{
"events": [
{
"introduced": "cb74d5cf5bffc2a9dee8da43105d892f9a728777"
},
{
"fixed": "9e629ba3649464a928b0af75ddd246b3defee128"
}
],
"repo": "https://github.com/LibreDWG/libredwg",
"type": "GIT"
}
],
"versions": [
"0.12.3.4163",
"0.12.3.4165",
"0.12.3.4167",
"0.12.3.4173",
"0.12.3.4176",
"0.12.3.4178",
"0.12.3.4180",
"0.12.3.4185",
"0.12.3.4189",
"0.12.3.4191",
"0.12.3.4194",
"0.12.3.4201",
"0.12.3.4203",
"0.12.3.4206",
"0.12.3.4219",
"0.12.3.4221",
"0.12.3.4229",
"0.12.3.4231",
"0.12.3.4244",
"0.12.3.4248",
"0.12.3.4250",
"0.12.3.4253",
"0.12.3.4261",
"0.12.3.4264",
"0.12.3.4267",
"0.12.3.4270",
"0.12.3.4273",
"0.12.3.4280",
"0.12.4",
"0.12.4.4287",
"0.12.4.4288",
"0.12.4.4296",
"0.12.4.4298",
"0.12.4.4300",
"0.12.4.4302",
"0.12.4.4307",
"0.12.4.4313",
"0.12.4.4317",
"0.12.4.4321",
"0.12.4.4324",
"0.12.4.4331",
"0.12.4.4338",
"0.12.4.4343",
"0.12.4.4348",
"0.12.4.4362",
"0.12.4.4364",
"0.12.4.4367",
"0.12.4.4368",
"0.12.4.4375",
"0.12.4.4378",
"0.12.4.4382",
"0.12.4.4384",
"0.12.4.4387",
"0.12.4.4390",
"0.12.4.4395",
"0.12.4.4399",
"0.12.4.4400",
"0.12.4.4409",
"0.12.4.4415",
"0.12.4.4420",
"0.12.4.4423",
"0.12.4.4425",
"0.12.4.4430",
"0.12.4.4437",
"0.12.4.4442",
"0.12.4.4444",
"0.12.4.4462",
"0.12.4.4466",
"0.12.4.4467",
"0.12.4.4475",
"0.12.4.4487",
"0.12.4.4491",
"0.12.4.4492",
"0.12.4.4494",
"0.12.4.4497",
"0.12.4.4507",
"0.12.4.4515",
"0.12.4.4517",
"0.12.4.4522",
"0.12.4.4527",
"0.12.4.4530",
"0.12.4.4533",
"0.12.4.4535",
"0.12.4.4542",
"0.12.4.4544",
"0.12.4.4545",
"0.12.4.4548",
"0.12.4.4550",
"0.12.4.4553",
"0.12.4.4566",
"0.12.4.4567",
"0.12.4.4572",
"0.12.4.4583",
"0.12.4.4590",
"0.12.4.4598",
"0.12.4.4601",
"0.12.4.4606",
"0.12.4.4607",
"0.12.4.4608",
"0.12.4.4613",
"0.12.4.4615",
"0.12.5"
]
}
],
"details": "OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=46847\n\n```\nCrash type: Heap-use-after-free READ 8\nCrash state:\ndwg_free_TABLEGEOMETRY_private\ndwg_free_TABLEGEOMETRY\ndwg_free_variable_no_class\n```\n",
"id": "OSV-2022-363",
"modified": "2022-07-30T00:11:38.468823Z",
"published": "2022-04-21T00:01:58.402473Z",
"references": [
{
"type": "REPORT",
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=46847"
}
],
"schema_version": "1.2.0",
"summary": "Heap-use-after-free in dwg_free_TABLEGEOMETRY_private"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…