OSV-2021-1224

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libsrtp/OSV-2021-1224.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2021-1224
Published
2021-09-11T00:01:13.004929Z
Modified
2022-04-13T03:04:39.630798Z
Summary
Heap-buffer-overflow in srtp_stream_init_keys
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=38359

Crash type: Heap-buffer-overflow READ {*}
Crash state:
srtp_stream_init_keys
srtp_stream_init
srtp_add_stream
References

Affected packages

OSS-Fuzz / libsrtp

Package

Name
libsrtp
Purl
pkg:generic/libsrtp

Affected ranges

Type
GIT
Repo
https://github.com/cisco/libsrtp
Events
Introduced
812a683c8554f53b80f64b94966c790c59b7de32
Introduced
2437e647e499b1294682f3a67ab57f601c655b59
Fixed
f1d1e57a49dca345e086e01b5fccc44e723221e0

Affected versions

Other

v2

v2.*

v2.4
v2.4.1
v2.4.2

Ecosystem specific 

{
    "severity": "MEDIUM"
}