OSV-2024-422

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/tinyusb/OSV-2024-422.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2024-422
Published
2024-05-05T00:07:53.114978Z
Modified
2024-05-05T00:07:53.115405Z
Summary
Use-of-uninitialized-value in cdc_task
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68505

Crash type: Use-of-uninitialized-value
Crash state:
cdc_task
fuzz.cc
std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<ch
References

Affected packages

OSS-Fuzz / tinyusb

Package

Name
tinyusb
Purl
pkg:generic/tinyusb

Affected ranges

Type
GIT
Repo
https://github.com/hathach/tinyusb.git
Events
Introduced
56dbfe59d93975a6256f5bb00da68919b28e07cb
Fixed
bd15f65e81724d05493fe9e020daf9a2ff7d2865

Ecosystem specific 

{
    "severity": "MEDIUM"
}

Database specific

fixed_range 
"a435befcdeb6bbd40cf3ba342756f8d73f031957:bd15f65e81724d05493fe9e020daf9a2ff7d2865"
introduced_range 
"1c04d5992a020aefe16ffb2acce62d84d4899395:a435befcdeb6bbd40cf3ba342756f8d73f031957"
source 
"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/tinyusb/OSV-2024-422.yaml"