OSV-2022-36

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/tcmalloc/OSV-2022-36.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2022-36
Published
2022-01-13T00:00:36.808390Z
Modified
2022-04-13T03:04:42.815986Z
Summary
Heap-buffer-overflow in void absl::BytesToHexStringInternal<std::__1::basic_string<char, std::__1::char_
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43553

Crash type: Heap-buffer-overflow READ 1
Crash state:
void absl::BytesToHexStringInternal&lt;std::__1::basic_string&lt;char, std::__1::char_
absl::BytesToHexString
References

Affected packages

OSS-Fuzz / tcmalloc

Package

Name
tcmalloc
Purl
pkg:generic/tcmalloc

Affected ranges

Type
GIT
Repo
https://github.com/google/tcmalloc
Events
Introduced
778abcc57b634d93f2b9fe196f556673402b9a53
Fixed
a4838d5b4ab520f4d6360865464d63993561c732

Ecosystem specific 

{
    "severity": "MEDIUM"
}

Database specific 

{
    "fixed_range": "c9da0eab4728e145803692e876d9277da7fd2a6a:a4838d5b4ab520f4d6360865464d63993561c732"
}