OSV-2020-325

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/gdal/OSV-2020-325.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2020-325

Published

2020-07-01T00:00:02.845124Z

Modified

2022-04-13T03:04:42.135767Z

Summary

Stack-buffer-overflow in std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<ch

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15159

Crash type: Stack-buffer-overflow READ {*}
Crash state:
std::__1::basic_string&lt;char, std::__1::char_traits<char>, std::__1::allocator&lt;ch
nccfdriver::attrf
nccfdriver::getCFVersion

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15159

Affected packages

OSS-Fuzz / gdal

Package

Name: gdal
Purl: pkg:generic/gdal

Affected ranges

Type: GIT
Repo: https://github.com/OSGeo/gdal
Events: Introduced

38c1e385e81223476828d57aa83af5716a9256b7

Fixed

767e3a56144f676ca738ef8f700e0e56035bd05a

Introduced

27b9bf644bcf1208f7d6594bdd104cc8a8bb0646

Affected versions

v2.*

v2.4.2

v2.4.3

v2.4.3RC1

v2.4.4

v2.4.4RC1

v3.*

v3.0.1

v3.0.2

v3.0.2RC1

v3.0.3

v3.0.3RC1

v3.0.4

v3.0.4RC1

Ecosystem specific

{
    "severity": "MEDIUM",
    "introduced_range": "289b796e365ac26020548410d6ae16022bc80718:f956a3c6ff43a877a63ee1199c5e0092c11a8c31"
}