OSV-2021-840

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/serenity/OSV-2021-840.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2021-840

Published

2021-06-07T00:00:35.428789Z

Modified

2022-04-13T03:04:32.175811Z

Summary

Use-after-poison in AK::RefPtr<AK::StringImpl, AK::RefPtrTraits<AK::StringImpl> >::RefPtr

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=34971

Crash type: Use-after-poison WRITE 8
Crash state:
AK::RefPtr&lt;AK::StringImpl, AK::RefPtrTraits<AK::StringImpl> >::RefPtr
AK::String::String
JS::abstract_relation

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=34971

Affected packages

OSS-Fuzz / serenity

Package

Name: serenity
Purl: pkg:generic/serenity

Affected ranges

Type: GIT
Repo: https://github.com/SerenityOS/serenity
Events: Introduced

09233b9e4139baedb516659fa30876edcb7bf436

Fixed

442ef6300826816c115462f19df4c168a04415d5

Fixed

2c8309c841419d74ab1cd8f13ce92194b80594c3

Ecosystem specific

{
    "severity": "HIGH"
}

Database specific

{
    "fixed_range": "e72e621d89fee1d368f294eb239fa4fe54a1b5f2:2c8309c841419d74ab1cd8f13ce92194b80594c3"
}