CVE-2023-45677 in stb_vorbisИнформация

Сводка

по MITRE • 25.10.2023

stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of bounds write in `f->vendor[len] = (char)'\0';`. The root cause is that if `len` read in `start_decoder` is a negative number and `setup_malloc` successfully allocates memory in that case, but memory write is done with a negative index `len`. Similarly if len is INT_MAX the integer overflow len+1 happens in `f->vendor = (char*)setup_malloc(f, sizeof(char) * (len+1));` and `f->comment_list[i] = (char*)setup_malloc(f, sizeof(char) * (len+1));`. This issue may lead to code execution.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Ответственный

GitHub, Inc.

Резервировать

10.10.2023

Раскрытие

25.10.2023

Модерация

принято

Вход

VDB-243090

EPSS

0.00536

KEV

Нет

Деятельности

Очень низкий

Источники

Do you want to use VulDB in your project?

Use the official API to access entries easily!