OSV-2023-303

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/dav1d/OSV-2023-303.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2023-303
Published
2023-04-13T14:01:21.388989Z
Modified
2023-04-13T14:01:21.389231Z
Summary
Heap-use-after-free in picture_copy_props
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=57927

Crash type: Heap-use-after-free READ {*}
Crash state:
picture_copy_props
dav1d_picture_alloc_copy
dav1d_apply_grain
References

Affected packages

OSS-Fuzz / dav1d

Package

Name
dav1d
Purl
pkg:generic/dav1d

Affected ranges

Type
GIT
Repo
https://code.videolan.org/videolan/dav1d.git
Events
Introduced
62f8b887d552fec72a757b71418c62268b6ea67a
Fixed
ed997f5f125491099914ab9febff432238de4018

Ecosystem specific 

{
    "severity": "HIGH"
}