OSV-2024-422

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/tinyusb/OSV-2024-422.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2024-422

Published

2024-05-05T00:07:53.114978Z

Modified

2024-05-05T00:07:53.115405Z

Summary

Use-of-uninitialized-value in cdc_task

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68505

Crash type: Use-of-uninitialized-value
Crash state:
cdc_task
fuzz.cc
std::__1::basic_string&lt;char, std::__1::char_traits<char>, std::__1::allocator&lt;ch

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68505

Affected packages

OSS-Fuzz / tinyusb

Package

Name: tinyusb
Purl: pkg:generic/tinyusb

Affected ranges

Type: GIT
Repo: https://github.com/hathach/tinyusb.git
Events: Introduced

56dbfe59d93975a6256f5bb00da68919b28e07cb

Fixed

bd15f65e81724d05493fe9e020daf9a2ff7d2865

Ecosystem specific

{
    "severity": "MEDIUM"
}

Database specific

{
    "introduced_range": "1c04d5992a020aefe16ffb2acce62d84d4899395:a435befcdeb6bbd40cf3ba342756f8d73f031957",
    "fixed_range": "a435befcdeb6bbd40cf3ba342756f8d73f031957:bd15f65e81724d05493fe9e020daf9a2ff7d2865"
}