CVE-2023-40890
Description
ZBar 0.23.90 has a stack-based buffer overflow in lookup_sequence that can be triggered by a specially crafted QR code, leading to info disclosure or arbitrary code execution.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
ZBar 0.23.90 has a stack-based buffer overflow in lookup_sequence that can be triggered by a specially crafted QR code, leading to info disclosure or arbitrary code execution.
Vulnerability
A stack-based buffer overflow vulnerability exists in the lookup_sequence function of ZBar version 0.23.90. This flaw can be triggered by a specially crafted QR code, either input digitally or physically scanned by a vulnerable scanner. The issue lies in how the function handles certain malformed data, allowing an overflow on the stack. [1]
Exploitation
An attacker can exploit this vulnerability by providing a malicious QR code to a user or system using ZBar 0.23.90. The QR code can be submitted digitally (e.g., as an image file) or prepared for physical scanning. No special privileges are required; the exploit occurs during normal processing of the QR code by the vulnerable software. The precise sequence of steps involves crafting a QR code that triggers the overflow in lookup_sequence, leading to memory corruption. [1]
Impact
Successful exploitation could result in information disclosure (e.g., reading sensitive memory contents) or arbitrary code execution. In the latter case, the attacker may gain control of the affected process, potentially leading to full system compromise depending on the context (e.g., a scanning kiosk or server-side barcode processing). The exact privilege level achieved is not specified in the available references. [1]
Mitigation
As of the available references, no official fix or patched version for ZBar 0.23.90 has been disclosed. Users should monitor the ZBar project for updates. No workarounds are provided in the references. The CVE is not listed on CISA's Known Exploited Vulnerabilities (KEV) catalog at the time of writing. [1]
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
8- ZBar/ZBardescription
- osv-coords6 versionspkg:rpm/opensuse/zbar&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/zbar&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/zbar&distro=openSUSE%20Tumbleweedpkg:rpm/suse/zbar&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP5pkg:rpm/suse/zbar&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP5pkg:rpm/suse/zbar&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2015%20SP4
< 0.23.1-150300.3.3.1+ 5 more
- (no CPE)range: < 0.23.1-150300.3.3.1
- (no CPE)range: < 0.23.1-150300.3.3.1
- (no CPE)range: < 0.23.90-5.1
- (no CPE)range: < 0.23.1-150300.3.3.1
- (no CPE)range: < 0.23.1-150300.3.3.1
- (no CPE)range: < 0.23.1-150300.3.3.1
Patches
0No patches discovered yet.
Vulnerability mechanics
Root cause
"Missing bounds checking in the lookup_sequence function allows writing past the end of a fixed-size stack buffer."
Attack vector
An attacker crafts a malicious QR code that, when processed by the `lookup_sequence` function, triggers a stack-based buffer overflow [ref_id=1]. The overflow can lead to information disclosure or arbitrary code execution. The attacker can deliver the malicious QR code either by digitally inputting it (e.g., uploading an image) or by preparing it to be physically scanned by a vulnerable scanner [ref_id=1]. No authentication or special network access is required beyond the ability to present the QR code to the scanner.
Affected code
The vulnerability resides in the `lookup_sequence` function of ZBar 0.23.90. The advisory does not specify the exact source file or line numbers, but identifies this function as the location of the stack-based buffer overflow.
What the fix does
The advisory does not include a patch or specific remediation guidance [ref_id=1]. To fix the vulnerability, the developer would need to add bounds checking on the stack buffer used in `lookup_sequence` to prevent writing past its allocated size, or replace the fixed-size stack buffer with a dynamically allocated one. Without a published fix, users should monitor the ZBar project for a patched release.
Preconditions
- inputThe attacker must be able to present a specially crafted QR code to the scanner, either digitally (e.g., via an uploaded image) or physically (e.g., printed on paper).
- configThe vulnerable ZBar 0.23.90 must be used to decode the malicious QR code.
Generated on Jun 14, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
4- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/25LZZQJGGZRPLKTRNRNOTAFQJIPS7WRP/mitrevendor-advisory
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DC7V5YCLCPB36J2KY6WLZCABFLBRB665/mitrevendor-advisory
- lists.debian.org/debian-lts-announce/2023/12/msg00001.htmlmitremailing-list
- hackmd.io/%40cspl/H1PxPAUnnmitre
News mentions
0No linked articles in our index yet.