OSV-2021-386

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/openthread/OSV-2021-386.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2021-386

Published

2021-02-13T00:00:59.547439Z

Modified

2022-04-13T03:04:38.946438Z

Summary

Stack-buffer-overflow in ot::Coap::Message::AppendUintOption

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=30831

Crash type: Stack-buffer-overflow READ 1
Crash state:
ot::Coap::Message::AppendUintOption
ot::Coap::Message::AppendBlockOption
otCoapMessageAppendBlock2Option

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=30831

Affected packages

OSS-Fuzz / openthread

Package

Name: openthread
Purl: pkg:generic/openthread

Affected ranges

Type: GIT
Repo: https://github.com/openthread/openthread
Events: Introduced

2cd36266abaaf8b79ebb0441e6ed2ec3847cf3ca

Fixed

159efe77c07abbd38f3afc754d6a644f1a14d64e

Ecosystem specific

{
    "severity": "MEDIUM"
}