OSV-2024-1293

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/krb5/OSV-2024-1293.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2024-1293

Published

2024-11-08T00:16:09.025852Z

Modified

2024-11-08T00:16:09.026399Z

Summary

Use-of-uninitialized-value in k5_hashtab_add

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=377530685

Crash type: Use-of-uninitialized-value
Crash state:
k5_hashtab_add
insert_entry
fuzz_kdc.c

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=377530685

Affected packages

OSS-Fuzz / krb5

Package

Name: krb5
Purl: pkg:generic/krb5

Affected ranges

Type: GIT
Repo: https://github.com/krb5/krb5.git
Events: Introduced

7cc16a52b4ea68939da6407ed66914a792441463

Fixed

d09433aed821d40142b10dc5b4a0aa8110c5a09e

Fixed

dc5554394e5a4363b3e109623edbeb9ad6c18a62

Ecosystem specific

{
    "severity": "MEDIUM"
}

Database specific

{
    "introduced_range": "ff4d99b1e4f7b652fc98330c21d1c92e01f14736:0a23b0cd9466e8a7c6fb82fce185be6e0834ce26",
    "fixed_range": "0a23b0cd9466e8a7c6fb82fce185be6e0834ce26:dc5554394e5a4363b3e109623edbeb9ad6c18a62"
}