OSV-2021-1500

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/radare2/OSV-2021-1500.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2021-1500

Published

2021-10-28T00:01:38.205304Z

Modified

2022-08-25T03:31:16.805065Z

Summary

Heap-buffer-overflow in parse_microsoft_mangled_name

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=40342

Crash type: Heap-buffer-overflow READ 1
Crash state:
parse_microsoft_mangled_name
microsoft_demangle
r_bin_demangle_msvc

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=40342

Affected packages

OSS-Fuzz / radare2

Package

Name: radare2
Purl: pkg:generic/radare2

Affected ranges

Type: GIT
Repo: https://github.com/radareorg/radare2
Events: Introduced

775f2b3d8d6d44f3312f9911dcf70b203268f387

Fixed

a31394b39e6194a8ecd6c83e53c658f704a315fb

Affected versions

4.*

4.4.0

4.5.1

5.*

5.0.0

5.1.0

5.1.1

5.2.0

5.2.1

5.3.0

5.3.1

5.4.0

5.4.0-git

5.4.2

5.5.0

5.5.2

5.5.4

5.6.0

5.6.2

5.6.4

5.6.6

5.6.8

5.7.0

5.7.2

5.7.4

5.7.6

release-5.*

release-5.0.0

Ecosystem specific

{
    "severity": "MEDIUM"
}