Lucene search

K

Veracode Vulnerability DatabaseVERACODE:43964

HistoryOct 24, 2023 - 10:40 a.m.

Out-of-Bounds Write

2023-10-2410:40:37

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

6

out-of-bounds write

libstb.so

stb_vorbis.c

buffer overflow

heap-based

ogg vorbis file

vulnerability

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

7.4

Confidence

High

EPSS

0.001

Percentile

28.1%

libstb.so is vulnerable to Out-of-Bounds Writes. This vulnerability exists in the f->vendor[len] = (char)'\0' function of stb_vorbis.c because it does not properly allocate memory, which allows to an attacker to perform a heap-based buffer overflow via a crafted ogg vorbis file.

References

github.com/nothings/stb/blob/5736b15f7ea0ffb08dd38af21067c314d6a3aae9/stb_vorbis.c#L3652-L3658

github.com/nothings/stb/blob/5736b15f7ea0ffb08dd38af21067c314d6a3aae9/stb_vorbis.c#L3653

github.com/nothings/stb/blob/5736b15f7ea0ffb08dd38af21067c314d6a3aae9/stb_vorbis.c#L3658

github.com/nothings/stb/blob/5736b15f7ea0ffb08dd38af21067c314d6a3aae9/stb_vorbis.c#L3670C7-L3670C75

github.com/nothings/stb/blob/5736b15f7ea0ffb08dd38af21067c314d6a3aae9/stb_vorbis.c#L950-L961

securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

7.4

Confidence

High

EPSS

0.001

Percentile

28.1%

Related for VERACODE:43964

debiancve1 cve1 nvd1 prion1 ubuntucve1 cvelist1 nessus1 freebsd1