osv-2021-1121
Vulnerability from osv_ossfuzz
Published
2021-08-12 00:00
Modified
2023-04-20 22:46
Summary
UNKNOWN WRITE in QtPrivate::QCommonArrayOps<QPainterPath::Element>::growAppend
Details
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=37025
This is the same issue as OSV-2021-1143 which replaced this one after it was closed wrongly.
Crash type: UNKNOWN WRITE
Crash state:
QtPrivate::QCommonArrayOps<QPainterPath::Element>::growAppend
QPainterPath::addPath
QPathClipper::intersect
{
"affected": [
{
"database_specific": {
"fixed_range": "e3834034f88af27d48f2f7a2cc6ab0c84d6faf1e:e8a86ab6c84f6618fae6f961c34c25ef42e91332"
},
"ecosystem_specific": {
"introduced_range": "1c17b656e0c7b3f5fae598a0915fdebfeb822dae:f1b826440d0c9407b08329bb563b95781d6aeb6b",
"severity": "HIGH"
},
"package": {
"ecosystem": "OSS-Fuzz",
"name": "qt"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "a3b753c2d077313fc9eb93af547051b956e383fc"
},
{
"fixed": "79bb9f51fa374106a612d17c9d98d35d807be670"
},
{
"fixed": "36cfd9efb9b22b891adee9c48d30202289cfa620"
},
{
"fixed": "6958581c5cfa6ceb75edcd8b64699b2e71af29f7"
},
{
"fixed": "e8a86ab6c84f6618fae6f961c34c25ef42e91332"
}
],
"repo": "git://code.qt.io/qt/qtsvg.git",
"type": "GIT"
}
],
"versions": [
"qt-v5.0.0-alpha1",
"v5.0.0",
"v5.0.0-beta1",
"v5.0.0-beta2",
"v5.0.0-rc1",
"v5.0.0-rc2",
"v5.0.1",
"v5.0.2",
"v5.1.0",
"v5.1.0-alpha1",
"v5.1.0-beta1",
"v5.1.0-rc1",
"v5.1.0-rc2",
"v5.1.1",
"v5.10.0",
"v5.10.0-alpha1",
"v5.10.0-beta1",
"v5.10.0-beta2",
"v5.10.0-beta3",
"v5.10.0-beta4",
"v5.10.0-rc1",
"v5.10.0-rc2",
"v5.10.0-rc3",
"v5.10.1",
"v5.11.0",
"v5.11.0-alpha1",
"v5.11.0-beta1",
"v5.11.0-beta2",
"v5.11.0-beta3",
"v5.11.0-beta4",
"v5.11.0-rc1",
"v5.11.0-rc2",
"v5.11.1",
"v5.11.2",
"v5.11.3",
"v5.12.0",
"v5.12.0-alpha1",
"v5.12.0-beta1",
"v5.12.0-beta2",
"v5.12.0-beta3",
"v5.12.0-beta4",
"v5.12.0-rc1",
"v5.12.0-rc2",
"v5.12.1",
"v5.12.11",
"v5.12.2",
"v5.12.3",
"v5.12.4",
"v5.12.5",
"v5.12.6",
"v5.12.7",
"v5.12.8",
"v5.12.9",
"v5.13.0",
"v5.13.0-alpha1",
"v5.13.0-beta1",
"v5.13.0-beta2",
"v5.13.0-beta3",
"v5.13.0-beta4",
"v5.13.0-rc1",
"v5.13.0-rc2",
"v5.13.0-rc3",
"v5.13.1",
"v5.13.2",
"v5.14.0",
"v5.14.0-alpha1",
"v5.14.0-beta1",
"v5.14.0-beta2",
"v5.14.0-beta3",
"v5.14.0-rc1",
"v5.14.0-rc2",
"v5.14.1",
"v5.14.2",
"v5.15.0",
"v5.15.0-alpha1",
"v5.15.0-beta1",
"v5.15.0-beta2",
"v5.15.0-beta3",
"v5.15.0-beta4",
"v5.15.0-rc1",
"v5.15.0-rc2",
"v5.2.0",
"v5.2.0-alpha1",
"v5.2.0-beta1",
"v5.2.0-rc1",
"v5.2.1",
"v5.3.0",
"v5.3.0-alpha1",
"v5.3.0-beta1",
"v5.3.0-rc1",
"v5.3.1",
"v5.3.2",
"v5.4.0",
"v5.4.0-alpha1",
"v5.4.0-beta1",
"v5.4.0-rc1",
"v5.4.1",
"v5.4.2",
"v5.5.0",
"v5.5.0-alpha1",
"v5.5.0-beta1",
"v5.5.0-rc1",
"v5.5.1",
"v5.6.0",
"v5.6.0-alpha1",
"v5.6.0-beta1",
"v5.6.0-rc1",
"v5.6.1",
"v5.6.1-1",
"v5.6.2",
"v5.6.3",
"v5.7.0",
"v5.7.0-alpha1",
"v5.7.0-beta1",
"v5.7.0-rc1",
"v5.7.1",
"v5.8.0",
"v5.8.0-alpha1",
"v5.8.0-beta1",
"v5.8.0-rc1",
"v5.9.0",
"v5.9.0-alpha1",
"v5.9.0-beta1",
"v5.9.0-beta2",
"v5.9.0-beta3",
"v5.9.0-beta4",
"v5.9.0-rc1",
"v5.9.0-rc2",
"v5.9.1",
"v5.9.2",
"v5.9.3",
"v5.9.4",
"v5.9.5",
"v5.9.6",
"v5.9.7",
"v5.9.8",
"v5.9.9",
"v6.0.0-alpha1",
"v6.0.0-beta1",
"v6.0.0-beta2",
"v6.0.0-beta3",
"v6.0.0-beta4",
"v6.0.0-beta5",
"v6.0.1",
"v6.0.2",
"v6.0.3",
"v6.0.4",
"v6.1.0-alpha1",
"v6.1.0-beta1",
"v6.1.0-beta2",
"v6.1.0-beta3",
"v6.2.0",
"v6.2.0-alpha1",
"v6.2.0-beta1",
"v6.2.0-beta2",
"v6.2.0-beta3",
"v6.2.0-beta4",
"v6.2.0-rc1",
"v6.2.0-rc2"
]
}
],
"details": "OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=37025\n\nThis is the same issue as OSV-2021-1143 which replaced this one after it was closed wrongly.\n\n```\nCrash type: UNKNOWN WRITE\nCrash state:\nQtPrivate::QCommonArrayOps\u003cQPainterPath::Element\u003e::growAppend\nQPainterPath::addPath\nQPathClipper::intersect\n```\n",
"id": "OSV-2021-1121",
"modified": "2023-04-20T22:46:19.937028Z",
"published": "2021-08-12T00:00:36.570149Z",
"references": [
{
"type": "REPORT",
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=37025"
}
],
"summary": "UNKNOWN WRITE in QtPrivate::QCommonArrayOps\u003cQPainterPath::Element\u003e::growAppend"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…