OSV-2020-1843

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/wolfssl/OSV-2020-1843.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2020-1843

Published

2020-09-26T00:00:06.428089Z

Modified

2022-04-13T03:04:35.717971Z

Summary

Heap-buffer-overflow in SendUserAuthPkOk

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25926

Crash type: Heap-buffer-overflow READ {*}
Crash state:
SendUserAuthPkOk
DoUserAuthRequestPublicKey
DoUserAuthRequest

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25926

Affected packages

OSS-Fuzz / wolfssl

Package

Name: wolfssl
Purl: pkg:generic/wolfssl

Affected ranges

Type: GIT
Repo: https://github.com/wolfssl/wolfssl
Events: Introduced

83cdd1c314af5d6326470254b3cdbb9d85182348

Fixed

4f6c1db9a2ae47cfe488e7443ce54b7e2a815261

Ecosystem specific

{
    "severity": "MEDIUM",
    "introduced_range": "deaf3b4b40d26663191d085557fbeb8cafa420ae:881657782478cef4a1527847bb2c4cd427bd6c99",
    "fixed_range": "84ee1509b736cac51bd1b2f13fb7e86505b0735a:4f6c1db9a2ae47cfe488e7443ce54b7e2a815261"
}