OSV-2023-1140

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/matio/OSV-2023-1140.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2023-1140
Published
2023-11-12T13:01:29.798132Z
Modified
2024-04-29T11:24:13.839064Z
Summary
Heap-buffer-overflow in H5MM_strdup
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=64092

Crash type: Heap-buffer-overflow READ {*}
Crash state:
H5MM_strdup
H5G__stab_get_name_by_idx_cb
H5G__node_by_idx
References

Affected packages

OSS-Fuzz / matio

Package

Name
matio
Purl
pkg:generic/matio

Affected ranges

Type
GIT
Repo
https://github.com/tbeu/matio.git
Events
Introduced
7019a4c5212ab34ee336d77b9d6965920944b41a
Fixed
29e986fb1cfe09dacdbe386f441882025f652377

Affected versions

v1.*
v1.5.24
v1.5.25
v1.5.26

Ecosystem specific 

{
    "severity": "MEDIUM"
}

Database specific

source 
"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/matio/OSV-2023-1140.yaml"
fixed_range 
"711128127c47ed23d81e37c99461796f5e168c7d:29e986fb1cfe09dacdbe386f441882025f652377"