OSV-2021-1099

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/openthread/OSV-2021-1099.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2021-1099
Published
2021-08-05T00:00:36.874659Z
Modified
2022-04-13T03:04:38.826141Z
Summary
Stack-buffer-overflow in ot::StringFind
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=36830

Crash type: Stack-buffer-overflow READ 1
Crash state:
ot::StringFind
ot::Coap::Message::AppendUriPathOptions
otCoapMessageAppendUriPathOptions
References

Affected packages

OSS-Fuzz / openthread

Package

Name
openthread
Purl
pkg:generic/openthread

Affected ranges

Type
GIT
Repo
https://github.com/openthread/openthread
Events
Introduced
354387c931811582476385afd52e20c6b77f0dcf
Fixed
d4005f9d14f8e156bbde563186f73f60e91c5872
Fixed
2e625bfe39768e0fdcfd5a40f9fbc49673b30686

Ecosystem specific 

{
    "severity": "MEDIUM"
}

Database specific 

{
    "fixed_range": "15584dcda3cee6658ebf2bf3b70d42724168a9d0:2e625bfe39768e0fdcfd5a40f9fbc49673b30686"
}