gpsd-dev
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Issue 61617 in oss-fuzz: gpsd:FuzzPacket: Stack-buffer-overflow in crc24

From: ClusterFuzz-External via monorail
Subject: Issue 61617 in oss-fuzz: gpsd:FuzzPacket: Stack-buffer-overflow in crc24q_check
Date: Sun, 20 Aug 2023 07:30:49 -0700
Status: New
Owner: ----
CC: gpsd-...@nongnu.org, ajsin...@gmail.com, g...@rellim.com
Labels: Restrict-View-Commit ClusterFuzz Stability-Memory-AddressSanitizer Reproducible Engine-libfuzzer OS-Linux Security_Severity-Medium Proj-gpsd Reported-2023-08-20
Type: Bug-Security

New issue 61617 by ClusterFuzz-External: gpsd:FuzzPacket: Stack-buffer-overflow in crc24q_check
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61617

Detailed Report: https://oss-fuzz.com/testcase?key=6730139151761408

Project: gpsd
Fuzzing Engine: libFuzzer
Fuzz Target: FuzzPacket
Job Type: libfuzzer_asan_gpsd
Platform Id: linux

Crash Type: Stack-buffer-overflow READ 1
Crash Address: 0x7ffc9eabe128
Crash State:
crc24q_check
packet_parse
FuzzPacket.c

Sanitizer: address (ASAN)

Recommended Security Severity: Medium

Regressed: https://oss-fuzz.com/revisions?job=libfuzzer_asan_gpsd&range=202308190624:202308200618

Reproducer Testcase: https://oss-fuzz.com/download?testcase_id=6730139151761408

Issue filed automatically.

See https://google.github.io/oss-fuzz/advanced-topics/reproducing for instructions to reproduce this bug locally.
When you fix this bug, please
* mention the fix revision(s).
* state whether the bug was a short-lived regression or an old bug in any stable releases.
* add any other useful information.
This information can help downstream consumers.

If you need to contact the OSS-Fuzz team with a question, concern, or any other feedback, please file an issue at https://github.com/google/oss-fuzz/issues. Comments on individual Monorail issues are not monitored.

This bug is subject to a 90 day disclosure deadline. If 90 days elapse
without an upstream patch, then the bug report will automatically
become visible to the public.

--
You received this message because:
1. You were specifically CC'd on the issue

You may adjust your notification preferences at:
https://bugs.chromium.org/hosting/settings

Reply to this email to add a comment.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]