OSV-2023-1088

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/arrow/OSV-2023-1088.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2023-1088

Published

2023-10-30T13:03:09.754708Z

Modified

2023-11-29T14:16:28.700148Z

Summary

Heap-buffer-overflow in arrow::Status arrow::Result<std::__1::unique_ptr<arrow::Buffer, std::__1::defaul

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=63679

Crash type: Heap-buffer-overflow WRITE 8
Crash state:
arrow::Status arrow::Result&lt;std::__1::unique_ptr&lt;arrow::Buffer, std::__1::defaul
arrow::ipc::ArrayLoader::GetBuffer
arrow::ipc::ArrayLoader::Visit

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=63679

Affected packages

OSS-Fuzz / arrow

Package

Name: arrow
Purl: pkg:generic/arrow

Affected ranges

Type: GIT
Repo: https://github.com/apache/arrow.git
Events: Introduced

f62213921b003cc716d6fe50d8604560cea4a3d4

Fixed

84c15da1997559c37841dc16f9e2c70c643dd9d2

Affected versions

apache-arrow-15.*

apache-arrow-15.0.0.dev

Ecosystem specific

{
    "severity": "HIGH"
}