Unrated severityNVD Advisory· Published Oct 20, 2023· Updated Feb 13, 2025
0 byte write heap buffer overflow in start_decoder in stb_vorbis
CVE-2023-45675
Description
stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of bounds write in f->vendor[len] = (char)'\0';. The root cause is that if the len read in start_decoder is -1 and len + 1 becomes 0 when passed to setup_malloc. The setup_malloc behaves differently when f->alloc.alloc_buffer is pre-allocated. Instead of returning NULL as in malloc case it shifts the pre-allocated buffer by zero and returns the currently available memory block. This issue may lead to code execution.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
7- github.com/nothings/stb/blob/5736b15f7ea0ffb08dd38af21067c314d6a3aae9/stb_vorbis.cmitrex_refsource_MISC
- github.com/nothings/stb/blob/5736b15f7ea0ffb08dd38af21067c314d6a3aae9/stb_vorbis.cmitrex_refsource_MISC
- github.com/nothings/stb/blob/5736b15f7ea0ffb08dd38af21067c314d6a3aae9/stb_vorbis.cmitrex_refsource_MISC
- securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/mitrex_refsource_CONFIRM
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NMXKOKPP4BKTNUTF5KSRDQAWOUILQZNO/mitre
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVABVF4GEM6BYD5L4L64RCRSXUHY6LGN/mitre
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UVQ7ONFH5GWLMXYEAJG32A3EUKUCEVCR/mitre
News mentions
0No linked articles in our index yet.