CVE-2022-44638

In libpixman in Pixman before 0.42.2, there is an out-of-bounds write (aka heap-based buffer overflow) in rasterizeedges8 due to an integer overflow in pixmansamplefloor_y.

Database specific

{
    "cna_assigner": "mitre",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/44xxx/CVE-2022-44638.json"
}

References

Affected packages

Git / gitlab.freedesktop.org/pixman/pixman

Affected ranges

Type: GIT
Repo: https://gitlab.freedesktop.org/pixman/pixman
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

37216a32839f59e8dcaa4c3951b3fcfc3f07852c

Affected versions

pixman-0.*

pixman-0.10.0

pixman-0.11.10

pixman-0.11.2

pixman-0.11.4

pixman-0.11.6

pixman-0.11.8

pixman-0.13.2

pixman-0.14.0

pixman-0.15.10

pixman-0.15.12

pixman-0.15.14

pixman-0.15.16

pixman-0.15.18

pixman-0.15.2

pixman-0.15.20

pixman-0.15.6

pixman-0.15.8

pixman-0.16.0

pixman-0.17.10

pixman-0.17.12

pixman-0.17.14

pixman-0.17.2

pixman-0.17.4

pixman-0.17.6

pixman-0.17.8

pixman-0.18.0

pixman-0.19.2

pixman-0.19.4

pixman-0.19.6

pixman-0.20.0

pixman-0.21.2

pixman-0.21.4

pixman-0.21.6

pixman-0.21.8

pixman-0.22.0

pixman-0.23.2

pixman-0.23.4

pixman-0.23.6

pixman-0.23.8

pixman-0.24.0

pixman-0.25.2

pixman-0.25.6

pixman-0.26.0

pixman-0.27.2

pixman-0.27.4

pixman-0.28.0

pixman-0.29.2

pixman-0.29.4

pixman-0.30.0

pixman-0.31.2

pixman-0.32.0

pixman-0.33.2

pixman-0.33.4

pixman-0.33.6

pixman-0.36.0

pixman-0.38.0

pixman-0.38.2

pixman-0.38.4

pixman-0.40.0

pixman-0.42.0

pixman-0.9.4

pixman-0.9.5

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-44638.json"