OSV-2020-434

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/openvswitch/OSV-2020-434.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2020-434
Published
2020-07-01T00:00:09.309832Z
Modified
2022-04-13T03:04:40.780011Z
Summary
Heap-buffer-overflow in format_generic_odp_key
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14429

Crash type: Heap-buffer-overflow READ 1
Crash state:
format_generic_odp_key
check_attr_len
format_odp_key_attr
References

Affected packages

OSS-Fuzz / openvswitch

Package

Name
openvswitch
Purl
pkg:generic/openvswitch

Affected ranges

Type
GIT
Repo
https://github.com/openvswitch/ovs.git
Events
Introduced
ea43b024a8a03f6648d0e06589137a4fbfea9f5a
Fixed
e2ed6fbeb18cba1235c6a260b754f11ecc9d4cb0

Affected versions

v2.*

v2.11.0
v2.11.1
v2.11.2
v2.11.3
v2.11.4
v2.11.5
v2.11.6
v2.11.7
v2.12.0
v2.12.1
v2.12.2
v2.12.3
v2.12.4

Ecosystem specific 

{
    "severity": "MEDIUM",
    "fixed_range": "187bb41fbf447acf9fb6ac117dc923bbe649e78c:e2ed6fbeb18cba1235c6a260b754f11ecc9d4cb0"
}