OSV-2020-336

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/openthread/OSV-2020-336.yaml

Published

2020-07-01T00:00:03.773709Z

Modified

2022-04-13T03:04:38.935999Z

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12589

Crash type: Stack-buffer-overflow READ {*}
Crash state:
ot::NetworkData::PrefixTlv::Init
ot::NetworkData::Local::AddOnMeshPrefix
otError ot::Ncp::NcpBase::HandlePropertyInsert<

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12589

Affected packages

OSS-Fuzz / openthread

Package

Name: openthread

Affected ranges

Type: GIT
Repo: https://github.com/openthread/openthread
Events: Introduced

64e62a53145a752e913d6ef4a67f7f1923a868d5

Fixed

a00c53883001654444f45db8c15aff38e15b4a04

Ecosystem specific

{
    "severity": "MEDIUM"
}