OSV-2021-1633

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/fluent-bit/OSV-2021-1633.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2021-1633
Published
2021-11-29T00:00:13.762470Z
Modified
2022-04-13T03:04:38.256357Z
Summary
Heap-buffer-overflow in mk_string_copy_substr
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=41448

Crash type: Heap-buffer-overflow READ {*}
Crash state:
mk_string_copy_substr
mk_rconf_read
mk_rconf_open
References

Affected packages

OSS-Fuzz / fluent-bit

Package

Name
fluent-bit
Purl
pkg:generic/fluent-bit

Affected ranges

Type
GIT
Repo
https://github.com/fluent/fluent-bit/
Events
Introduced
1c3811ba12bf924a96c916e2409a0d41c336debf
Fixed
e16a7daa4b8d4ec28f1e91be3570f99b03deba7c
Fixed
c5741b48c24aa80ddd820e6f42e6ce8fc5f5d98b

Ecosystem specific 

{
    "severity": "HIGH"
}