OSV-2017-119

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/openthread/OSV-2017-119.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2017-119

Published

2021-01-13T21:57:51.011913Z

Modified

2022-04-13T03:04:38.993383Z

Summary

Stack-buffer-overflow in ot::MeshCoP::CommissionerSessionIdTlv::GetCommissionerSessionId

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3376

Crash type: Stack-buffer-overflow READ 2
Crash state:
ot::MeshCoP::CommissionerSessionIdTlv::GetCommissionerSessionId
ot::NetworkData::Leader::HandleCommissioningSet
ot::Coap::Coap::ProcessReceivedRequest

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3376

Affected packages

OSS-Fuzz / openthread

Package

Name: openthread
Purl: pkg:generic/openthread

Affected ranges

Type: GIT
Repo: https://github.com/openthread/openthread
Events: Introduced

71d40a5c838d345248fbc130c74182dda99d85f1

Fixed

ba148cf5bf7fa7cc445fb53c4aa88886d01e76d0

Fixed

4ccc23a511ef5659c8c1f0b9c61516af09a0552f

Ecosystem specific

{
    "severity": "MEDIUM"
}

Database specific

{
    "fixed_range": "0139cc4195e77fe15ee5f684745d16aa990d01f6:4ccc23a511ef5659c8c1f0b9c61516af09a0552f"
}