OSV-2021-991

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/fmt/OSV-2021-991.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2021-991

Published

2021-07-14T00:00:34.913206Z

Modified

2022-04-13T03:04:33.958236Z

Summary

Dynamic-stack-buffer-overflow in fmt::v8::detail::dragonbox::umul192_upper64

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=36110

Crash type: Dynamic-stack-buffer-overflow WRITE 8
Crash state:
fmt::v8::detail::dragonbox::umul192_upper64
fmt::v8::detail::dragonbox::cache_accessor<double>::compute_mul
fmt::v8::detail::dragonbox::decimal_fp<double> fmt::v8::detail::dragonbox::to_de

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=36110

Affected packages

OSS-Fuzz / fmt

Package

Name: fmt
Purl: pkg:generic/fmt

Affected ranges

Type: GIT
Repo: https://github.com/fmtlib/fmt.git
Events: Introduced

bd3c792507e1a1003f7532088e976665dcbe4628

Fixed

2038bf61831eb8faede0883965364a974d1350fe

Affected versions

7.*

7.1.0

7.1.1

7.1.2

7.1.3

8.*

8.0.0

8.0.1

Ecosystem specific

{
    "severity": null
}