VDB
CVE-2023-45681
CVE-2023-45681
PUBLISHED
CVSS 7.300000190734863 HIGH
stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger memory write past an allocated heap buffer in `start_decoder`. The root cause is a potential integer overflow in `sizeof(char*) * (f->comment_list_length)` which may make `setup_malloc` allocate less memory than required. Since there is another integer overflow an attacker may overflow it too to force `setup_malloc` to return 0 and make the exploit more reliable. This issue may lead to code execution.
EPSS 0.05% · 15.7th percentile
Risk Scores
CVSS 3.1
7.300000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
EPSS Score
0.05%
15.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| nothings | stb_vorbis.c | 1.22 |
| nothings | stb | 0 |
| nothings | stb | <= 1.22 |
Timeline
- Oct 20, 2023 CVE Published
- Oct 21, 2023 EPSS Score
- Nov 21, 2023 EPSS Score
- Dec 22, 2023 EPSS Score
- Jan 22, 2024 EPSS Score
- Feb 22, 2024 EPSS Score
- Mar 25, 2024 EPSS Score
- Apr 25, 2024 EPSS Score
- May 26, 2024 EPSS Score
- Jun 26, 2024 EPSS Score
- Jul 27, 2024 EPSS Score
- Aug 27, 2024 EPSS Score
References
- https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/ url
- https://github.com/nothings/stb/blob/5736b15f7ea0ffb08dd38af21067c314d6a3aae9/stb_vorbis.c#L3660-L3677 url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LBIPXOBWUHPAH4QHMVP2AWWAPDDZDQ66/ url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2WRORYQ2Z2XXHPX36JHBUSDVY6IOMW2N/ url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MHQQXX27ACLLYUQHWSL3DVCOGUK5ZA4/ url