OSV-2021-1612

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/wolfmqtt/OSV-2021-1612.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2021-1612
Published
2021-11-24T00:00:12.425812Z
Modified
2022-04-13T03:04:34.038824Z
Summary
Heap-buffer-overflow in MqttDecode_Props
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=41291

Crash type: Heap-buffer-overflow READ 1
Crash state:
MqttDecode_Props
MqttDecode_Disconnect
MqttClient_DecodePacket
References

Affected packages

OSS-Fuzz / wolfmqtt

Package

Name
wolfmqtt
Purl
pkg:generic/wolfmqtt

Affected ranges

Type
GIT
Repo
https://github.com/wolfSSL/wolfMQTT.git
Events
Introduced
07527e688cfa41fa9406a1271052de3cd677069a
Fixed
147aa20720112bb8d3c814c6a3cfa95837df4256

Affected versions

v1.*

v1.10.0
v1.11.0

Ecosystem specific 

{
    "severity": "MEDIUM"
}

Database specific 

{
    "fixed_range": "9ca8696699cda17ad32ecb2cf22e2cd9ca5e47ab:147aa20720112bb8d3c814c6a3cfa95837df4256"
}