osv-2021-1143
Vulnerability from osv_ossfuzz
Published
2021-08-19 00:00
Modified
2023-02-24 01:34
Summary
UNKNOWN WRITE in QtPrivate::QPodArrayOps<QPainterPath::Element>::copyAppend
Details
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=37306
This is the same issue as OSV-2021-1121 which it replaced after that one was closed wrongly.
Crash type: UNKNOWN WRITE
Crash state:
QtPrivate::QPodArrayOps<QPainterPath::Element>::copyAppend
QtPrivate::QCommonArrayOps<QPainterPath::Element>::growAppend
QList<QPainterPath::Element>::append
References
| URL | Type | |
|---|---|---|
{
"affected": [
{
"database_specific": {
"fixed_range": "f320433979bdc5a17618d8fcb140bf0e8ab04503:3b6c8eea207f42c561088395b80c64e5f82f7169",
"introduced_range": "e3834034f88af27d48f2f7a2cc6ab0c84d6faf1e:e8a86ab6c84f6618fae6f961c34c25ef42e91332"
},
"ecosystem_specific": {
"severity": "HIGH"
},
"package": {
"ecosystem": "OSS-Fuzz",
"name": "qt"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "a3b753c2d077313fc9eb93af547051b956e383fc"
},
{
"fixed": "79bb9f51fa374106a612d17c9d98d35d807be670"
},
{
"fixed": "36cfd9efb9b22b891adee9c48d30202289cfa620"
},
{
"fixed": "3b6c8eea207f42c561088395b80c64e5f82f7169"
},
{
"fixed": "6958581c5cfa6ceb75edcd8b64699b2e71af29f7"
}
],
"repo": "git://code.qt.io/qt/qtsvg.git",
"type": "GIT"
}
],
"versions": [
"qt-v5.0.0-alpha1",
"v5.0.0",
"v5.0.0-beta1",
"v5.0.0-beta2",
"v5.0.0-rc1",
"v5.0.0-rc2",
"v5.0.1",
"v5.0.2",
"v5.1.0",
"v5.1.0-alpha1",
"v5.1.0-beta1",
"v5.1.0-rc1",
"v5.1.0-rc2",
"v5.1.1",
"v5.10.0",
"v5.10.0-alpha1",
"v5.10.0-beta1",
"v5.10.0-beta2",
"v5.10.0-beta3",
"v5.10.0-beta4",
"v5.10.0-rc1",
"v5.10.0-rc2",
"v5.10.0-rc3",
"v5.10.1",
"v5.11.0",
"v5.11.0-alpha1",
"v5.11.0-beta1",
"v5.11.0-beta2",
"v5.11.0-beta3",
"v5.11.0-beta4",
"v5.11.0-rc1",
"v5.11.0-rc2",
"v5.11.1",
"v5.11.2",
"v5.11.3",
"v5.12.0",
"v5.12.0-alpha1",
"v5.12.0-beta1",
"v5.12.0-beta2",
"v5.12.0-beta3",
"v5.12.0-beta4",
"v5.12.0-rc1",
"v5.12.0-rc2",
"v5.12.1",
"v5.12.10",
"v5.12.11",
"v5.12.2",
"v5.12.3",
"v5.12.4",
"v5.12.5",
"v5.12.6",
"v5.12.7",
"v5.12.8",
"v5.12.9",
"v5.13.0",
"v5.13.0-alpha1",
"v5.13.0-beta1",
"v5.13.0-beta2",
"v5.13.0-beta3",
"v5.13.0-beta4",
"v5.13.0-rc1",
"v5.13.0-rc2",
"v5.13.0-rc3",
"v5.13.1",
"v5.13.2",
"v5.14.0",
"v5.14.0-alpha1",
"v5.14.0-beta1",
"v5.14.0-beta2",
"v5.14.0-beta3",
"v5.14.0-rc1",
"v5.14.0-rc2",
"v5.14.1",
"v5.14.2",
"v5.15.0",
"v5.15.0-alpha1",
"v5.15.0-beta1",
"v5.15.0-beta2",
"v5.15.0-beta3",
"v5.15.0-beta4",
"v5.15.0-rc1",
"v5.15.0-rc2",
"v5.15.1",
"v5.15.2",
"v5.15.3-lts-lgpl",
"v5.2.0",
"v5.2.0-alpha1",
"v5.2.0-beta1",
"v5.2.0-rc1",
"v5.2.1",
"v5.3.0",
"v5.3.0-alpha1",
"v5.3.0-beta1",
"v5.3.0-rc1",
"v5.3.1",
"v5.3.2",
"v5.4.0",
"v5.4.0-alpha1",
"v5.4.0-beta1",
"v5.4.0-rc1",
"v5.4.1",
"v5.4.2",
"v5.5.0",
"v5.5.0-alpha1",
"v5.5.0-beta1",
"v5.5.0-rc1",
"v5.5.1",
"v5.6.0",
"v5.6.0-alpha1",
"v5.6.0-beta1",
"v5.6.0-rc1",
"v5.6.1",
"v5.6.1-1",
"v5.6.2",
"v5.6.3",
"v5.7.0",
"v5.7.0-alpha1",
"v5.7.0-beta1",
"v5.7.0-rc1",
"v5.7.1",
"v5.8.0",
"v5.8.0-alpha1",
"v5.8.0-beta1",
"v5.8.0-rc1",
"v5.9.0",
"v5.9.0-alpha1",
"v5.9.0-beta1",
"v5.9.0-beta2",
"v5.9.0-beta3",
"v5.9.0-beta4",
"v5.9.0-rc1",
"v5.9.0-rc2",
"v5.9.1",
"v5.9.2",
"v5.9.3",
"v5.9.4",
"v5.9.5",
"v5.9.6",
"v5.9.7",
"v5.9.8",
"v5.9.9",
"v6.0.0",
"v6.0.0-alpha1",
"v6.0.0-beta1",
"v6.0.0-beta2",
"v6.0.0-beta3",
"v6.0.0-beta4",
"v6.0.0-beta5",
"v6.0.0-rc1",
"v6.0.0-rc2",
"v6.0.1",
"v6.0.2",
"v6.0.3",
"v6.0.4",
"v6.1.0",
"v6.1.0-alpha1",
"v6.1.0-beta1",
"v6.1.0-beta2",
"v6.1.0-beta3",
"v6.1.0-rc1",
"v6.1.0-rc2",
"v6.1.1",
"v6.1.2",
"v6.1.3",
"v6.2.0",
"v6.2.0-alpha1",
"v6.2.0-beta1",
"v6.2.0-beta2",
"v6.2.0-beta3",
"v6.2.0-beta4",
"v6.2.0-rc1",
"v6.2.0-rc2",
"v6.2.1"
]
}
],
"details": "OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=37306\n\nThis is the same issue as OSV-2021-1121 which it replaced after that one was closed wrongly.\n\n```\nCrash type: UNKNOWN WRITE\nCrash state:\nQtPrivate::QPodArrayOps\u003cQPainterPath::Element\u003e::copyAppend\nQtPrivate::QCommonArrayOps\u003cQPainterPath::Element\u003e::growAppend\nQList\u003cQPainterPath::Element\u003e::append\n```\n",
"id": "OSV-2021-1143",
"modified": "2023-02-24T01:34:15.652409Z",
"published": "2021-08-19T00:00:37.149406Z",
"references": [
{
"type": "REPORT",
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=37306"
}
],
"summary": "UNKNOWN WRITE in QtPrivate::QPodArrayOps\u003cQPainterPath::Element\u003e::copyAppend"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…