OSV-2021-1257

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/gdal/OSV-2021-1257.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2021-1257

Published

2021-09-14T00:01:43.346984Z

Modified

2022-04-13T03:04:42.155223Z

Summary

Stack-buffer-overflow in GRIBDataset::Open

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=38610

Crash type: Stack-buffer-overflow READ 1
Crash state:
GRIBDataset::Open
GDALOpenEx
GDALOpen

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=38610

Affected packages

OSS-Fuzz / gdal

Package

Name: gdal
Purl: pkg:generic/gdal

Affected ranges

Type: GIT
Repo: https://github.com/OSGeo/gdal
Events: Introduced

dde3a2ffeea4ae256bf14855453e9a9590880f8a

Fixed

b8cc984317dbc6628d43256b7059f22b5b8bbe55

Introduced

1891d11bd87aef7e6b63f9e886f31940cdf3f0e3

Fixed

bbf710970397896b1540e589c1bfccae94d64843

Fixed

3fb9ac5c5d4c46fb55489abea809e820b2273fd5

Ecosystem specific

{
    "severity": "MEDIUM"
}

Database specific

{
    "introduced_range": "fd3f98b3b3c5caa081c03ac5ad3cdf01199967c2:543dd29d28b2121417eb699e28843c534a3c4c69",
    "fixed_range": "9e467eaea362c4ebdf706fde1c60179799f2894a:3fb9ac5c5d4c46fb55489abea809e820b2273fd5"
}