OSV-2020-353

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/openthread/OSV-2020-353.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2020-353

Published

2020-07-01T00:00:04.770226Z

Modified

2022-04-13T03:04:38.919894Z

Summary

Stack-buffer-overflow in ot::MeshCoP::Commissioner::GeneratePskc

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19386

Crash type: Stack-buffer-overflow WRITE {*}
Crash state:
ot::MeshCoP::Commissioner::GeneratePskc
ot::Ncp::NcpBase::HandlePropertySet_SPINEL_PROP_MESHCOP_COMMISSIONER_GENERATE_PS
ot::Ncp::NcpBase::HandlePropertySetForSpecialProperties

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19386

Affected packages

OSS-Fuzz / openthread

Package

Name: openthread
Purl: pkg:generic/openthread

Affected ranges

Type: GIT
Repo: https://github.com/openthread/openthread
Events: Introduced

19695b0f8ea9fec430ab87f88e3ecd516b720c3f

Fixed

b8c3161281f8e15873f8decabd8eac461717aefe

Affected versions

Other

thread-reference-20191113

Ecosystem specific

{
    "severity": "HIGH"
}