6505 matches found
OSV-2024-1150 Heap-buffer-overflow in extract_mr_data
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=369236552 Crash type: Heap-buffer-overflow READ Crash state: extract_mr_data parsemrstring readstatparsesav...
OSV-2024-1149 Use-of-uninitialized-value in ultrahdr::uhdr_gainmap_metadata_frac::encodeGainmapMetadata
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=369652657 Crash type: Use-of-uninitialized-value Crash state: ultrahdr::uhdr_gainmap_metadata_frac::encodeGainmapMetadata ultrahdr::JpegR::appendGainMap ultrahdr::JpegR::encodeJPEGR...
OSV-2024-1145 Heap-buffer-overflow in ultrahdr::getYuv444Pixel
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42538160 Crash type: Heap-buffer-overflow READ 1 Crash state: ultrahdr::getYuv444Pixel std::1::function::funcultrahdr::JpegR::applyGainMap ultrahdr::JpegR::applyGainMap...
OSV-2024-1144 Security exception in graphql.schema.GraphQLTypeUtil.simplePrint
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=368729570 Crash type: Security exception Crash state: graphql.schema.GraphQLTypeUtil.simplePrint graphql.schema.GraphQLTypeUtil.simplePrint graphql.schema.GraphQLTypeUtil.simplePrint...
OSV-2024-1140 Security exception in java.base/java.util.Arrays.copyOfRange
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=368729567 Crash type: Security exception Crash state: java.base/java.util.Arrays.copyOfRange java.base/java.lang.StringUTF16.newString java.base/java.lang.StringBuilder.toString...
OSV-2024-1131 UNKNOWN READ in glslang::TInfoSinkBase::location
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=368512278 Crash type: UNKNOWN READ Crash state: glslang::TInfoSinkBase::location glslang::TParseContextBase::outputMessage glslang::TParseContextBase::error...
OSV-2024-1128 Segv on unknown address in udiv
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=368076871 Crash type: Segv on unknown address Crash state: udiv mrbbintmod mrbvmexec...
OSV-2024-1124 Heap-buffer-overflow in ih264d_read_coeff4x4_cabac
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42538616 Crash type: Heap-buffer-overflow READ 4 Crash state: ih264d_read_coeff4x4_cabac ih264dcabacparse8x8block ih264dparseresidual4x4cabac...
OSV-2024-1090 UNKNOWN READ in ggml_free
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42538517 Crash type: UNKNOWN READ Crash state: ggml_free llamamodel::llamamodel llamaloadmodelfromfile...
OSV-2024-1076 Heap-buffer-overflow in readBytes48
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42538426 Crash type: Heap-buffer-overflow READ 1 Crash state: readBytes48 SystemZLLVMgetInstruction SystemZgetInstruction...
OSV-2024-1071 Use-of-uninitialized-value in Poco::Dynamic::Var::~Var
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42538385 Crash type: Use-of-uninitialized-value Crash state: Poco::Dynamic::Var::~Var void Poco::JSON::Object::doStringifystd::1::mapstd::1::basicstringchar, Poco::JWT::Serializer::serialize...
OSV-2024-1062 UNKNOWN WRITE in std::__1::recursive_mutex::lock
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42538230 Crash type: UNKNOWN WRITE Crash state: std::__1::recursive_mutex::lock Catalog::getForm Page::getAnnots...
OSV-2024-1056 UNKNOWN WRITE in bfd_elf_get_str_section
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42538161 Crash type: UNKNOWN WRITE Crash state: bfd_elf_get_str_section bfdelfstringfromelfsection bfdelfsymname...
OSV-2024-1054 Bad-cast to Assimp::LogStream from invalid vptr
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42538150 Crash type: Bad-cast Crash state: Bad-cast to Assimp::LogStream from invalid vptr CallbackToLogRedirector Assimp::DefaultLogger::WriteToStreams...
OSV-2024-1053 Heap-buffer-overflow in gguf_get_tensor_offset
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42538148 Crash type: Heap-buffer-overflow READ 8 Crash state: gguf_get_tensor_offset llamamodelloader::llamatensorweight::llamatensorweight void std::1::vectorllamamodelloader::llamatensorweight, std::1::allocat...
OSV-2024-1044 UNKNOWN READ in H5FL_reg_malloc
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42538113 Crash type: UNKNOWN READ Crash state: H5FL_reg_malloc H5FLregcalloc H5Ocachechkdeserialize...
PT-2024-41504 · Git · Hdf5
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42538113 Crash type: UNKNOWN READ Crash state: H5FL_reg_malloc H5FL reg calloc H5O cache chk deserialize...
OSV-2024-1043 Heap-buffer-overflow in simdutf::haswell::implementation::convert_utf8_to_latin1
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=71307 Crash type: Heap-buffer-overflow WRITE Crash state: simdutf::haswell::implementation::convert_utf8_to_latin1 Conversion Conversion...
OSV-2024-1041 UNKNOWN READ in chunk_free_object
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=71296 Crash type: UNKNOWN READ Crash state: chunk_free_object sfclose pdficlosefile...
OSV-2024-1034 Heap-buffer-overflow in simdutf::haswell::implementation::convert_utf8_to_utf16be
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=71218 Crash type: Heap-buffer-overflow WRITE Crash state: simdutf::haswell::implementation::convert_utf8_to_utf16be Conversion Conversion...