OSV-2020-881

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/radare2/OSV-2020-881.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2020-881

Published

2020-07-14T22:13:57.548799Z

Modified

2022-04-13T03:04:36.670946Z

Summary

Heap-buffer-overflow in read_uleb128

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18549

Crash type: Heap-buffer-overflow READ 1
Crash state:
read_uleb128
walk_exports
get_symbols

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18549

Affected packages

OSS-Fuzz / radare2

Package

Name: radare2
Purl: pkg:generic/radare2

Affected ranges

Type: GIT
Repo: https://github.com/radare/radare2
Events: Introduced

74958b8e88879302d6f61a813943b968cf03dbd5

Fixed

3b04d3ef4093dafeff72e22589a3598ca0202ac9

Affected versions

4.*

4.0.0

4.1.0

4.1.1

4.2.0

4.2.1

4.3.0

4.3.1

4.4.0

4.5.0

4.5.1

5.*

5.0.0

5.1.0

5.1.1

5.2.0

5.2.1

5.3.0

5.3.1

5.4.0

5.4.0-git

5.4.2

5.5.0

5.5.2

5.5.4

Other

Continuous-Windows

continuous

release-5.*

release-5.0.0

Ecosystem specific

{
    "severity": "MEDIUM"
}