OSV-2021-614

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/cryptofuzz/OSV-2021-614.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2021-614

Published

2021-04-09T00:00:06.878364Z

Modified

2022-04-13T03:04:35.099519Z

Summary

Heap-buffer-overflow in ossl_aria_set_encrypt_key

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33022

Crash type: Heap-buffer-overflow READ 1
Crash state:
ossl_aria_set_encrypt_key
cipher_hw_aria_initkey
cipher_generic_init_internal

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33022

Affected packages

OSS-Fuzz / cryptofuzz

Package

Name: cryptofuzz
Purl: pkg:generic/cryptofuzz

Affected ranges

Type: GIT
Repo: https://github.com/guidovranken/cryptofuzz
Events: Introduced

4487ff8fcb8639253b0139f83b2fca4a44f4c851

Fixed

0806bc7eaa7a0749585e368876ac723f69fa5e10

Ecosystem specific

{
    "severity": "MEDIUM",
    "introduced_range": "7befe29cf175dda18b60b9016ba5775ff0936f7b:a198cc04c3ffaf83007db19935d22d3e5de94e2d",
    "fixed_range": "a198cc04c3ffaf83007db19935d22d3e5de94e2d:0806bc7eaa7a0749585e368876ac723f69fa5e10"
}