OSV-2024-29

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/mruby/OSV-2024-29.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2024-29
Published
2024-01-22T00:01:33.424797Z
Modified
2024-02-14T14:18:57.560129Z
Summary
Heap-buffer-overflow in mrb_memsearch
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65996

Crash type: Heap-buffer-overflow READ {*}
Crash state:
mrb_memsearch
str_convert_range
mrb_str_aref
References

Affected packages

OSS-Fuzz / mruby

Package

Name
mruby
Purl
pkg:generic/mruby

Affected ranges

Type
GIT
Repo
https://github.com/mruby/mruby
Events
Introduced
69cf074778f2e08c565f03e4251aaef38879ca69
Fixed
028c53d667a8b23fcccbfa770cca87276cfcc4e2

Ecosystem specific 

{
    "severity": "MEDIUM"
}

Database specific 

{
    "fixed_range": "f13101124c9806311219e5f805fc723dcdbc912c:028c53d667a8b23fcccbfa770cca87276cfcc4e2"
}