OSV-2021-616

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/cryptofuzz/OSV-2021-616.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2021-616

Published

2021-04-09T00:00:12.734210Z

Modified

2022-04-13T03:04:35.010440Z

Summary

Heap-buffer-overflow in Camellia_Ekeygen

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33028

Crash type: Heap-buffer-overflow READ 1
Crash state:
Camellia_Ekeygen
Camellia_set_key
cipher_hw_camellia_initkey

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33028

Affected packages

OSS-Fuzz / cryptofuzz

Package

Name: cryptofuzz
Purl: pkg:generic/cryptofuzz

Affected ranges

Type: GIT
Repo: https://github.com/guidovranken/cryptofuzz
Events: Introduced

4487ff8fcb8639253b0139f83b2fca4a44f4c851

Fixed

0806bc7eaa7a0749585e368876ac723f69fa5e10

Ecosystem specific

{
    "severity": "MEDIUM",
    "introduced_range": "7befe29cf175dda18b60b9016ba5775ff0936f7b:a198cc04c3ffaf83007db19935d22d3e5de94e2d",
    "fixed_range": "a198cc04c3ffaf83007db19935d22d3e5de94e2d:0806bc7eaa7a0749585e368876ac723f69fa5e10"
}