{"id":"OSV-2020-629","summary":"Heap-buffer-overflow in bytestring_to_str","details":"OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19070\n\n```\nCrash type: Heap-buffer-overflow READ 1\nCrash state:\nbytestring_to_str\ndissect_NUMBER_acf_lin\ncall_dissector_work\n```\n","modified":"2022-04-13T04:14:54.501439Z","published":"2020-07-01T00:00:21.373324Z","references":[{"type":"REPORT","url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19070"}],"affected":[{"package":{"name":"wireshark","ecosystem":"OSS-Fuzz","purl":"pkg:generic/wireshark"},"ranges":[{"type":"GIT","repo":"https://gitlab.com/wireshark/wireshark.git","events":[{"introduced":"22fd28940a87dc55294614cb15faed3cb82b4986"},{"fixed":"f17f1277607e5d745d889489f8da43b2a4e996a6"}]}],"versions":["v3.1.1","v3.1.2rc0","v3.2.0","v3.2.0rc0","v3.2.0rc1","v3.2.0rc2","v3.2.1","v3.2.10","v3.2.10rc0","v3.2.11","v3.2.11rc0","v3.2.12rc0","v3.2.1rc0","v3.2.2","v3.2.2rc0","v3.2.3","v3.2.3rc0","v3.2.4","v3.2.4rc0","v3.2.5","v3.2.5rc0","v3.2.6","v3.2.6rc0","v3.2.7","v3.2.7rc0","v3.2.8","v3.2.8rc0","v3.2.9","v3.2.9rc0","v3.3.0rc0","wireshark-3.2.0","wireshark-3.2.1","wireshark-3.2.10","wireshark-3.2.11","wireshark-3.2.2","wireshark-3.2.3","wireshark-3.2.4","wireshark-3.2.5","wireshark-3.2.6","wireshark-3.2.7","wireshark-3.2.8","wireshark-3.2.9","v3.2.12","v3.2.13","v3.2.13rc0","v3.2.14","v3.2.14rc0","v3.2.15","v3.2.15rc0","v3.2.16","v3.2.16rc0","v3.2.17","v3.2.17rc0","v3.2.18","v3.2.18rc0","wireshark-3.2.12","wireshark-3.2.13","wireshark-3.2.14","wireshark-3.2.15","wireshark-3.2.16","wireshark-3.2.17","wireshark-3.2.18"],"ecosystem_specific":{"severity":"MEDIUM"},"database_specific":{"source":"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/wireshark/OSV-2020-629.yaml"}}],"schema_version":"1.7.3"}