Unrated severityNVD Advisory· Published Oct 21, 2021· Updated Aug 4, 2024
CVE-2021-42716
CVE-2021-42716
Description
An issue was discovered in stb stb_image.h 2.27. The PNM loader incorrectly interpreted 16-bit PGM files as 8-bit when converting to RGBA, leading to a buffer overflow when later reinterpreting the result as a 16-bit buffer. An attacker could potentially have crashed a service using stb_image, or read up to 1024 bytes of non-consecutive heap data without control over the read location.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9- stb/stb_image.hdescription
- Range: = 2.27
- osv-coords7 versionspkg:rpm/opensuse/stb&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/zxing-cpp&distro=openSUSE%20Leap%2015.3pkg:rpm/suse/stb&distro=SUSE%20Package%20Hub%2015%20SP3pkg:rpm/suse/zxing-cpp&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP3pkg:rpm/suse/zxing-cpp&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/zxing-cpp&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP5pkg:rpm/suse/zxing-cpp&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP3
< 2.32.1549563867.59e9702-bp153.2.3.1+ 6 more
- (no CPE)range: < 2.32.1549563867.59e9702-bp153.2.3.1
- (no CPE)range: < 1.2.0-9.7.1
- (no CPE)range: < 2.32.1549563867.59e9702-bp153.2.3.1
- (no CPE)range: < 1.2.0-9.7.1
- (no CPE)range: < 1.2.0-8.6.1
- (no CPE)range: < 1.2.0-8.6.1
- (no CPE)range: < 1.2.0-9.7.1
Patches
Vulnerability mechanics
References
12- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3TDGZFLBOP27LZKLH45WQLSNPSPP7S7Z/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AF2CNP4FVC6LDKNOO4WDCGNDYIP3MPK6/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEGXBDEMTFGINETMJENBZ6SCHVEJQJSY/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CI23LXPEV2GCDQTJSKO6CIILBDTI3R42/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FTZXHFZD36BGE5P6JF252NZZLKMGCY4T/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G2M5CRSGPRF7G3YB5CLU4FXW7ANNHAYT/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ID6II3RIKAMVGVMC6ZAQIXXYYDMTVC4N/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TXX76TJMZBPN3NU542MGN6B7C7QHRFGB/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VP2YEXEAJWI76FPM7D7VXHWD3WESQEYC/mitrevendor-advisoryx_refsource_FEDORA
- github.com/nothings/stb/issues/1166mitrex_refsource_MISC
- github.com/nothings/stb/issues/1225mitrex_refsource_MISC
- github.com/nothings/stb/pull/1223mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.