OSV-2025-818

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/arrow/OSV-2025-818.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2025-818

Published

2025-10-07T00:03:45.262747Z

Modified

2025-10-10T14:38:33.479652Z

Summary

Heap-buffer-overflow in std::__1::pair<int, arrow::util::RleBitPackedParser::ControlFlow> arrow::util::R

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=449498800

Crash type: Heap-buffer-overflow READ 1
Crash state:
std::__1::pair&lt;int, arrow::util::RleBitPackedParser::ControlFlow> arrow::util::R
arrow::util::RleBitPackedDecoder<int>::GetBatch
auto parquet::DictByteArrayDecoderImpl::DecodeArrowDense

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=449498800

Affected packages

OSS-Fuzz / arrow

Package

Name: arrow
Purl: pkg:generic/arrow

Affected ranges

Type: GIT
Repo: https://github.com/apache/arrow.git
Events: Introduced

64f2055ffb68e5077420f4253e76d78952438cab

Fixed

33d1f32136f950520dcca278b77acff430dc8dca

Fixed

7b4dd0511162ca985365fbde9e633ca33de57215

Ecosystem specific

{
    "severity": "HIGH"
}

Database specific

introduced_range

"e68236ae36385127b851ca129ed0cbc1078cae48:235032ad245030c6364a9c8ec02066c0aa0bb18d"