OSV-2021-540

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/fwupd/OSV-2021-540.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2021-540
Published
2021-03-21T00:00:08.667933Z
Modified
2022-04-13T03:04:39.625358Z
Summary
Heap-buffer-overflow in g_array_append_vals
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32249

Crash type: Heap-buffer-overflow READ {*}
Crash state:
g_array_append_vals
g_byte_array_append
fu_efi_firmware_volume_write
References

Affected packages

OSS-Fuzz / fwupd

Package

Name
fwupd
Purl
pkg:generic/fwupd

Affected ranges

Type
GIT
Repo
https://github.com/fwupd/fwupd.git
Events
Introduced
278c3998a5559a5fe31c2d42e85b796765495e56
Fixed
be83a8eeeac807538cbfffc51ed683bf4e7be6d0

Ecosystem specific 

{
    "severity": "MEDIUM"
}