OSV-2020-1136

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libressl/OSV-2020-1136.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2020-1136

Published

2020-07-22T21:49:49.841110Z

Modified

2022-04-13T03:04:38.796689Z

Summary

Global-buffer-overflow in ssl_sigalg

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=13797

Crash type: Global-buffer-overflow READ 2
Crash state:
ssl_sigalg
tls1_process_sigalgs
tlsext_sigalgs_server_parse

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=13797

Affected packages

OSS-Fuzz / libressl

Package

Name: libressl
Purl: pkg:generic/libressl

Affected ranges

Type: GIT
Repo: https://github.com/libressl-portable/portable.git
Events: Introduced

4ea2a01a0d2cc889e95316f51c7a36f8f158df44

Fixed

4b6c7bfd02dec26021882f1599dbcbccdd4d2889

Ecosystem specific

{
    "introduced_range": "unknown:4ea2a01a0d2cc889e95316f51c7a36f8f158df44",
    "fixed_range": "4ea2a01a0d2cc889e95316f51c7a36f8f158df44:4b6c7bfd02dec26021882f1599dbcbccdd4d2889"
}