OSV-2025-289

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/openthread/OSV-2025-289.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2025-289

Published

2025-04-19T00:05:17.593162Z

Modified

2025-04-19T00:05:17.593788Z

Summary

Stack-buffer-overflow in ot::Cli::Utils::OutputLine

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=411460530

Crash type: Stack-buffer-overflow READ {*}
Crash state:
ot::Cli::Utils::OutputLine
ot::Cli::Dns::HandleDnsRecordResponse
ot::Dns::Client::FinalizeQuery

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=411460530

Affected packages

OSS-Fuzz / openthread

Package

Name: openthread
Purl: pkg:generic/openthread

Affected ranges

Type: GIT
Repo: https://github.com/openthread/openthread
Events: Introduced

98b88dc8f7a3a9f7300248093752455260d605df

Fixed

3e7528e4e9cc992166dba8db471d063443d60710

Ecosystem specific

{
    "severity": "MEDIUM"
}

Database specific

{
    "fixed_range": "424de28a2f5cb2f24e81264a56c2425efb44d42d:3e7528e4e9cc992166dba8db471d063443d60710"
}