OSV-2022-35

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/tcmalloc/OSV-2022-35.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2022-35
Published
2022-01-13T00:00:25.384147Z
Modified
2022-04-13T03:04:42.821777Z
Summary
Use-after-poison in absl::BytesToHexString
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43554

Crash type: Use-after-poison READ 1
Crash state:
absl::BytesToHexString
References

Affected packages

OSS-Fuzz / tcmalloc

Package

Name
tcmalloc
Purl
pkg:generic/tcmalloc

Affected ranges

Type
GIT
Repo
https://github.com/google/tcmalloc
Events
Introduced
778abcc57b634d93f2b9fe196f556673402b9a53
Fixed
a4838d5b4ab520f4d6360865464d63993561c732

Ecosystem specific 

{
    "severity": "HIGH"
}

Database specific

fixed_range 
"c9da0eab4728e145803692e876d9277da7fd2a6a:a4838d5b4ab520f4d6360865464d63993561c732"
source 
"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/tcmalloc/OSV-2022-35.yaml"