OSV-2018-13

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/boringssl/OSV-2018-13.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2018-13
Withdrawn
2024-05-08T03:26:30Z
Published
2021-01-13T00:00:05.629092Z
Modified
2024-05-08T03:26:30Z
Summary
Use-of-uninitialized-value in bn_sub_words
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=8654

Crash type: Use-of-uninitialized-value
Crash state:
bn_sub_words
bn_reduce_once
bn_from_montgomery_in_place
References

Affected packages

OSS-Fuzz / boringssl

Package

Name
boringssl
Purl
pkg:generic/boringssl

Affected ranges

Type
GIT
Repo
https://boringssl.googlesource.com/boringssl
Events
Introduced
81a6f6d8de908e27901f5c968c576fbb9c3f35d0
Fixed
f8f35c95550e6796ab8b2c0f8e37e7ce4bc67302

Affected versions

Other
fips-20180730
fips-20190808
fips-android-20191020
version_for_cocoapods_10.*
version_for_cocoapods_10.0

Ecosystem specific 

{
    "fixed_range": "81a6f6d8de908e27901f5c968c576fbb9c3f35d0:f8f35c95550e6796ab8b2c0f8e37e7ce4bc67302",
    "severity": "MEDIUM"
}

Database specific

source 
"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/boringssl/OSV-2018-13.yaml"