{"id":"OSV-2020-653","summary":"Heap-buffer-overflow in perfetto::base::Hash::Update","details":"OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14753\n\n```\nCrash type: Heap-buffer-overflow READ 1\nCrash state:\nperfetto::base::Hash::Update\nperfetto::base::StringView::Hash\nperfetto::trace_processor::StringPool::InternString\n```\n","modified":"2023-02-24T01:51:05.826070Z","published":"2020-07-01T00:00:22.674176Z","references":[{"type":"REPORT","url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14753"}],"affected":[{"package":{"name":"perfetto","ecosystem":"OSS-Fuzz","purl":"pkg:generic/perfetto"},"ranges":[{"type":"GIT","repo":"https://android.googlesource.com/platform/external/perfetto/","events":[{"introduced":"2ffc4a93685c45efec70e07c8acddf60eb1ae60a"},{"fixed":"71a18f6f4b01143a6ac7bba2261a4139076ea396"}]}],"versions":["android-10.0.0_r1","android-10.0.0_r10","android-10.0.0_r11","android-10.0.0_r12","android-10.0.0_r13","android-10.0.0_r14","android-10.0.0_r15","android-10.0.0_r16","android-10.0.0_r17","android-10.0.0_r18","android-10.0.0_r19","android-10.0.0_r2","android-10.0.0_r20","android-10.0.0_r21","android-10.0.0_r22","android-10.0.0_r23","android-10.0.0_r24","android-10.0.0_r25","android-10.0.0_r26","android-10.0.0_r27","android-10.0.0_r28","android-10.0.0_r29","android-10.0.0_r3","android-10.0.0_r30","android-10.0.0_r31","android-10.0.0_r32","android-10.0.0_r33","android-10.0.0_r34","android-10.0.0_r35","android-10.0.0_r36","android-10.0.0_r37","android-10.0.0_r38","android-10.0.0_r39","android-10.0.0_r4","android-10.0.0_r40","android-10.0.0_r41","android-10.0.0_r42","android-10.0.0_r43","android-10.0.0_r44","android-10.0.0_r45","android-10.0.0_r46","android-10.0.0_r47","android-10.0.0_r5","android-10.0.0_r6","android-10.0.0_r7","android-10.0.0_r8","android-10.0.0_r9","android-cts-10.0_r1","android-cts-10.0_r2","android-cts-10.0_r3","android-cts-10.0_r4","android-cts-10.0_r5","android-cts-10.0_r6","android-cts-10.0_r7","android-mainline-10.0.0_r1","android-mainline-10.0.0_r10","android-mainline-10.0.0_r2","android-mainline-10.0.0_r3","android-mainline-10.0.0_r4","android-mainline-10.0.0_r5","android-mainline-10.0.0_r7","android-mainline-10.0.0_r9","android-security-10.0.0_r48","android-security-10.0.0_r49","android-security-10.0.0_r50","android-security-10.0.0_r51","android-vts-10.0_r1","android-vts-10.0_r2","android-vts-10.0_r3","android-vts-10.0_r4","android-vts-10.0_r5","android-vts-10.0_r6","android-vts-10.0_r7","platform-tools-29.0.1","platform-tools-29.0.2","platform-tools-29.0.3","platform-tools-29.0.4","android-cts-10.0_r10","android-cts-10.0_r11","android-cts-10.0_r8","android-cts-10.0_r9","android-security-10.0.0_r52","android-security-10.0.0_r53","android-security-10.0.0_r54","android-security-10.0.0_r55","android-security-10.0.0_r56","android-security-10.0.0_r57","android-security-10.0.0_r58","android-security-10.0.0_r59","android-security-10.0.0_r60","android-security-10.0.0_r61","android-security-10.0.0_r62","android-security-10.0.0_r63","android-security-10.0.0_r64","android-security-10.0.0_r65","android-vts-10.0_r10","android-vts-10.0_r11","android-vts-10.0_r8","android-vts-10.0_r9","android-cts-10.0_r12","android-cts-10.0_r13","android-cts-10.0_r14","android-cts-10.0_r15","android-security-10.0.0_r66","android-security-10.0.0_r67","android-security-10.0.0_r68","android-security-10.0.0_r69","android-security-10.0.0_r70","android-security-10.0.0_r71","android-security-10.0.0_r72","android-security-10.0.0_r73","android-security-10.0.0_r74","android-security-10.0.0_r75","android-vts-10.0_r12","android-vts-10.0_r13","android-vts-10.0_r14","android-vts-10.0_r15"],"ecosystem_specific":{"severity":"MEDIUM"},"database_specific":{"source":"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/perfetto/OSV-2020-653.yaml"}}],"schema_version":"1.7.3"}