OSV-2024-1212

Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/htslib/OSV-2024-1212.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2024-1212
Published
2024-10-11T00:16:27.350249Z
Modified
2024-10-11T00:16:27.350643Z
Summary
Heap-buffer-overflow in cram_encode_container
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=372547397

Crash type: Heap-buffer-overflow READ 8
Crash state:
cram_encode_container
cram_flush_container_mt
cram_put_bam_seq
References

Affected packages

OSS-Fuzz / htslib

Package

Name
htslib
Purl
pkg:generic/htslib

Affected ranges

Type
GIT
Repo
https://github.com/samtools/htslib.git
Events

Ecosystem specific

{
    "severity": "MEDIUM"
}

Database specific

{
    "introduced_range": "2ff207bd16bb3094843395450aa48936dd774ecb:ca920611fcd8be1180045589ac11bff2f04eafd8"
}