OSV-2023-1135

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/fluent-bit/OSV-2023-1135.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2023-1135

Published

2023-11-11T13:00:21.019255Z

Modified

2025-04-24T14:23:15.311238Z

Summary

Segv on unknown address in flb_sds_cat_safe

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=64049

Crash type: Segv on unknown address
Crash state:
flb_sds_cat_safe
flb_cf_key_translate
flb_cf_section_property_add

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=64049

Affected packages

OSS-Fuzz / fluent-bit

Package

Name: fluent-bit
Purl: pkg:generic/fluent-bit

Affected ranges

Type: GIT
Repo: https://github.com/fluent/fluent-bit/
Events: Introduced

041793599df288420bdfd1894900fe2a6e872f59

Introduced

b1726462c24dfe4d908474d38825bf141964e75d

Fixed

e8d608b7d7a7c12eae2dfce019f3c263257ed131

Affected versions

v2.*

v2.1.10

v2.1.5

v2.1.5-windows-artifact-fix

v2.1.6

v2.1.7

v2.1.8

v2.1.9

v2.2.0

v2.2.1

v2.2.2

v2.2.3

v3.*

v3.0.0

v3.0.1

v3.0.2

v3.0.3

v3.0.4

v3.0.5

v3.0.6

v3.0.7

v3.1.0

v3.1.1

v3.1.10

v3.1.2

v3.1.3

v3.1.4

v3.1.5

v3.1.6

v3.1.7

v3.1.8

v3.1.9

v3.2.0

v3.2.1

v3.2.10

v3.2.2

v3.2.3

v3.2.4

v3.2.5

v3.2.6

v3.2.7

v3.2.8

v3.2.9

v4.*

v4.0.0

v4.0.1

Ecosystem specific

{
    "severity": null
}

Database specific

fixed_range

"46ba2aa27b608a51e5cc401bb0550931ae2892d7:e8d608b7d7a7c12eae2dfce019f3c263257ed131"

source

"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/fluent-bit/OSV-2023-1135.yaml"