6 matches found
Astra Linux - уязвимость в libstb
It was discovered that stbimage.h v2.27 contains a heap-based use-after-free issue due to the stbijpeghuffdecode function...
Astra Linux - уязвимость в libstb
stbimage is a single-file library licensed under MIT that is used for processing images. The stbigetn function reads a specified number of bytes from the context usually a file into the specified buffer. If the file stream points to the end of the file, it returns zero. There are two places where...
Astra Linux - уязвимость в libstb
stbimage is a single-file library licensed under MIT that is used for processing images. When stbisetflipverticallyonload is set to TRUE, and reqcomp is set to a value that does not match the actual number of components per pixel, the library attempts to flip the image vertically. A specially...
Astra Linux - уязвимость в libstb
stbimage is a single-file library licensed under MIT that is used for processing images. A properly crafted image file can trigger an attempt by stbiloadgifmainoutofmem to double-free the out variable. This occurs in stbiloadgifmain, because when the layers stride value is zero, the behavior is...
Astra Linux - уязвимость в libstb
stbvorbis is a single-file MIT licensed library for processing OGG Vorbis files. A maliciously crafted file may trigger an out-of-bounds write vulnerability in the line f-vendorlen = char'\0';. The root cause of this issue is that if len read from startdecoder is -1, then len + 1 becomes 0 when...
Astra Linux - уязвимость в libstb
stbvorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of buffer write in startdecoder because at maximum m-submaps can be 16 but submapfloor and submapresidue are declared as arrays of 15 elements. This issue may lead to code execution...