OSV-2024-978

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/tarantool/OSV-2024-978.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2024-978
Published
2024-08-16T00:15:00.390591Z
Modified
2024-08-16T00:15:00.390986Z
Summary
Stack-buffer-overflow in narrow_conv_backprop
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42537498

Crash type: Stack-buffer-overflow WRITE 4
Crash state:
narrow_conv_backprop
narrow_conv_backprop
narrow_conv_backprop
References

Affected packages

OSS-Fuzz / tarantool

Package

Name
tarantool
Purl
pkg:generic/tarantool

Affected ranges

Type
GIT
Repo
https://github.com/tarantool/tarantool
Events
Introduced
3d97334fa3e1ea6a94058c73137f115eb2160b3c
Fixed
c10c62927e4cba52cfc44103fc1e21c9d6606fb2

Affected versions

3.*

3.2.0
3.2.1-entrypoint
3.3.0-entrypoint

Ecosystem specific 

{
    "severity": "HIGH"
}

Database specific 

{
    "fixed_range": "b33f17b25de6bcbe3ebc236250976e4a0250e75e:c10c62927e4cba52cfc44103fc1e21c9d6606fb2"
}