Astra Linux - уязвимость в libstb

It was discovered that stbimage.h v2.27 contains a heap-based use-after-free issue due to the stbijpeghuffdecode function...

Astra Linux - уязвимость в libstb

stbimage.h also known as the stb image loader, version 2.23, as used in libsixel and other products, has an assertion failure in stbishiftsigned...

Astra Linux - уязвимость в libstb

stbimage is a single-file library licensed under MIT that is used for processing images. The stbigetn function reads a specified number of bytes from the context usually a file into the specified buffer. If the file stream points to the end of the file, it returns zero. There are two places where...

Astra Linux - уязвимость в libstb

stbimage is a single-file library licensed under MIT that is used for processing images. A properly crafted image file can trigger an attempt by stbiloadgifmainoutofmem to double-free the out variable. This occurs in stbiloadgifmain, because when the layers stride value is zero, the behavior is...

Astra Linux - уязвимость в libstb

stbimage is a single-file library licensed under MIT that is used for processing images. When stbisetflipverticallyonload is set to TRUE, and reqcomp is set to a value that does not match the actual number of components per pixel, the library attempts to flip the image vertically. A specially...

Astra Linux - уязвимость в libstb

STBVorbis is a single-file library licensed under MIT that processes OGG Vorbis files. A maliciously crafted file may trigger an out-of-bounds write operation in f-vendori = get8packetf;. The root cause is an integer overflow in setupmalloc. A sufficiently large value in the variable sz causes an...

Astra Linux - уязвимость в libstb

stbvorbis is a single-file MIT licensed library for processing OGG Vorbis files. A maliciously crafted file may trigger an out-of-bounds write vulnerability in the line f-vendorlen = char'\0';. The root cause of this issue is that if len read from startdecoder is -1, then len + 1 becomes 0 when...

Astra Linux - уязвимость в libstb

stbimage is a single-file library licensed under MIT that is used for processing images. A properly crafted image file may trigger an out-of-bounds memcpy read in stbigifloadnext. This occurs because twoback points to a memory address that is lower than the start of the buffer. This issue could b...

Astra Linux - уязвимость в libstb

stbimage.h 2.27 contains a heap-based buffer within stbijpegload, which can lead to information disclosure or denial of service...

Astra Linux - уязвимость в libstb

It was discovered that stbimage.h v2.27 contains an integer overflow vulnerability through the stbijpegdecodeblockprogdc function. This vulnerability allows attackers to cause a Denial of Service DoS attack through unspecified vectors...

Astra Linux - уязвимость в libstb

STBVorbis is a single-file library licensed under MIT, designed for processing OGG Vorbis files. A properly crafted file may cause a memory allocation failure in the startdecoder function. In such cases, the function returns early; f-commentlist is set to NULL, but f-commentlistlength is not rese...

Astra Linux - уязвимость в libstb

STBVorbis is a single-file library licensed under MIT that processes OGG Vorbis files. A maliciously crafted file may cause memory writes to exceed the allocated heap buffer in startdecoder. The root cause of this issue is a potential integer overflow in sizeofchar f-commentlistlength, which may...

Astra Linux - уязвимость в libstb

STB v2.27 was discovered to contain an integer shift of invalid size in the component stbijpegdecodeblockprogac...

Astra Linux - уязвимость в libstb

stbvorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of buffer write in startdecoder because at maximum m-submaps can be 16 but submapfloor and submapresidue are declared as arrays of 15 elements. This issue may lead to code execution...

Astra Linux - уязвимость в libstb

stbimage is a single file MIT licensed library for processing images. If stbiloadgifmain in stbiloadgiffrommemory fails it returns a null pointer and may keep the z variable uninitialized. In case the caller also sets the flip vertically flag, it continues and calls stbiverticalflipslices with th...

Debian dla-4493 : libstb-dev - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4493 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4493-1 [email protected]...

Debian: Security Advisory (DLA-4493-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 4493-1] libstb security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4493-1 [email protected] https://www.debian.org/lts/security/ Abhijith PA February 26, 2026 https://wiki.debian.org/LTS -...

DLA-4493-1 libstb - security update

Bulletin has no description...

Debian: Security Advisory (DLA-3305-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...