OSV-2021-624

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/cryptofuzz/OSV-2021-624.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2021-624
Published
2021-04-10T00:01:08.368776Z
Modified
2022-04-13T03:04:35.082679Z
Summary
Heap-buffer-overflow in load_u32_be
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33039

Crash type: Heap-buffer-overflow READ 1
Crash state:
load_u32_be
ossl_sm4_set_key
cipher_hw_sm4_initkey
References

Affected packages

OSS-Fuzz / cryptofuzz

Package

Name
cryptofuzz
Purl
pkg:generic/cryptofuzz

Affected ranges

Type
GIT
Repo
https://github.com/guidovranken/cryptofuzz
Events

Ecosystem specific

{
    "severity": "MEDIUM",
    "introduced_range": "7befe29cf175dda18b60b9016ba5775ff0936f7b:a198cc04c3ffaf83007db19935d22d3e5de94e2d",
    "fixed_range": "a198cc04c3ffaf83007db19935d22d3e5de94e2d:0806bc7eaa7a0749585e368876ac723f69fa5e10"
}