OSV-2018-89

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/wpantund/OSV-2018-89.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2018-89

Published

2021-01-13T00:00:40.795012Z

Modified

2022-04-13T03:04:33.923566Z

Summary

Heap-use-after-free in TunnelIPv6Interface::remove_address

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10864

Crash type: Heap-use-after-free READ 4
Crash state:
TunnelIPv6Interface::remove_address
nl::wpantund::NCPInstanceBase::unicast_address_was_removed
nl::wpantund::NCPInstanceBase::on_mesh_prefix_was_removed

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10864

Affected packages

OSS-Fuzz / wpantund

Package

Name: wpantund
Purl: pkg:generic/wpantund

Affected ranges

Type: GIT
Repo: https://github.com/openthread/wpantund
Events: Introduced

0b1be41c37455de642834235f497e79ab9867b63

Fixed

bd1361434619a52b296e6a94c4188aae1a693179

Ecosystem specific

{
    "severity": "HIGH"
}