Out-of-bounds Memory Access

directxtex is vulnerable to Out-of-bound Memory Access. A remote attacker is able to overwrite memory through the ConvertToSinglePlane method via the texconv command-line tool when given an invalid height for planar video textures such as NV12, resulting in a system crash or disclosure of sensiti...

GHSA-3W9W-9833-GCPV Security bug in ConvertToSinglePlane when used with untrusted content from the DDS loader

Impact A memory overwrite bug was reported by a security researcher in the ConvertToSinglePlane method via the texconv command-line tool when given an invalid height for planar video textures such as NV12. This can be a potential security bug for any clients of the library who follow the same...

Improper Input Validation

Overview directxtexdesktop2019 is a DirectXTex texture processing library Affected versions of this package are vulnerable to Improper Input Validation in the ConvertToSinglePlane function in DirectXTexConvert.cpp, when processing an invalid height value from the DDS loader for planar video...

Security bug in ConvertToSinglePlane when used with untrusted content from the DDS loader

Impact A memory overwrite bug was reported by a security researcher in the ConvertToSinglePlane method via the texconv command-line tool when given an invalid height for planar video textures such as NV12. This can be a potential security bug for any clients of the library who follow the same...

PT-2023-32970 · Microsoft · Directxtex

Name of the Vulnerable Software and Affected Versions: DirectXTex versions prior to January 31, 2023 Description: A memory overwrite bug was reported in the ConvertToSinglePlane method when given an invalid height for planar video textures. This issue affects clients of the library who use the...