OSV-2020-430

Import Source

JSON Data

https://api.osv.dev/v1/vulns/OSV-2020-430

Published

2020-07-01T00:00:09.096641Z

Modified

2022-04-13T03:04:38.763723Z

Summary

Stack-use-after-return in OSSL_PARAM_get_int32

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15114

Crash type: Stack-use-after-return READ 4
Crash state:
OSSL_PARAM_get_int32
md5_sha1_set_params
ssl3_final_finish_mac

References

Affected packages

Type: GIT
Repo: https://github.com/openssl/openssl.git
Events: Introduced

d5e5e2ffafc7dbc861f7d285508cf129c5e8f5ac

Fixed

83b4a24384e62ed8cf91f51bf9a303f98017e13e

source

"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/openssl/OSV-2020-430.yaml"