OSV-2021-750

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/fluent-bit/OSV-2021-750.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2021-750

Published

2021-05-11T00:01:09.150660Z

Modified

2022-04-13T03:04:38.361302Z

Summary

Heap-double-free in flb_free

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=34116

Crash type: Heap-double-free
Crash state:
flb_free
flb_parser_json_do
flb_parser_do

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=34116

Affected packages

OSS-Fuzz / fluent-bit

Package

Name: fluent-bit
Purl: pkg:generic/fluent-bit

Affected ranges

Type: GIT
Repo: https://github.com/fluent/fluent-bit/
Events: Introduced

22346a74c07ceb90296be872be2d53eb92252a54

Fixed

0111149ce44b28cb6b5af710009bd3a2c14d8eb9

Introduced

9b4d9ee0f9d42383bad593b05b95f25e8b294c71

Fixed

fd6cf54de43003220ab8990f0fedc966c100cb66

Ecosystem specific

{
    "severity": "HIGH"
}