OSV-2022-144

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/fluent-bit/OSV-2022-144.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2022-144
Published
2022-02-13T00:00:46.389187Z
Modified
2022-07-07T03:04:18.191141Z
Summary
Segv on unknown address in onig_free_body
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=44603

Crash type: Segv on unknown address Crash state: onigfreebody onignew flbregex_create

References

Affected packages

OSS-Fuzz / fluent-bit

Package

Name
fluent-bit
Purl
pkg:generic/fluent-bit

Affected ranges

Type
GIT
Repo
https://github.com/fluent/fluent-bit/
Events
Introduced
e59f16b1168fca4046fff219ba9ae4e20dee6610
Fixed
138de6ad92c6eee88ecf67cdf78a28d45a8bb3fb
Fixed
c6fb81a5f43153809456d5444bb28e7f72d308a8

Affected versions

Other

ci-release-test
unstable
unstable-master

v1.*

v1.9.0
v1.9.0-ci-test-1
v1.9.0-rc1
v1.9.0-rc2
v1.9.0-rc3
v1.9.0-rc4
v1.9.1
v1.9.2
v1.9.3
v1.9.4
v1.9.5

Ecosystem specific 

{
    "severity": "HIGH"
}

Database specific 

{
    "fixed_range": "b8cf2aedcb426f4706425d3f7c15b0b9cfbb8332:138de6ad92c6eee88ecf67cdf78a28d45a8bb3fb"
}