OSV-2020-2166

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/openvswitch/OSV-2020-2166.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2020-2166
Published
2020-11-17T00:00:58.901949Z
Modified
2022-04-13T03:04:40.705503Z
Summary
Heap-buffer-overflow in get_32aligned_be64
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=27524

Crash type: Heap-buffer-overflow READ 4
Crash state:
get_32aligned_be64
nl_attr_get_be64
format_odp_tun_attr
References

Affected packages

OSS-Fuzz / openvswitch

Package

Name
openvswitch
Purl
pkg:generic/openvswitch

Affected ranges

Type
GIT
Repo
https://github.com/openvswitch/ovs.git
Events
Introduced
3c6d05a02e0fd2cde2f988a0e41a19f47c3d6947
Fixed
bb9303899b8bd7a9251a723393959c923d0c0196
Fixed
d40db569e2a83d925c67b3affa1a31de6d9ef07c

Affected versions

v2.*

v2.14.0

Ecosystem specific 

{
    "severity": "MEDIUM"
}