Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd/pmc: Detection when STB is unavailable Loading the amdpmc module with the option amdpmc enablestb=1 may result in the following messages in the kernel ring buffer: amdpmc AMDI0009:00: SMU cmd failed. err: 0xff...

Astra Linux – Vulnerability in libstb

STBVorbis is a single-file library licensed under the MIT license, designed for processing OGG Vorbis files. A properly crafted file may trigger an out-of-bounds read in the DECODE macro when var is negative. As can be seen in the definition of DECODERAW, a negative value for var is still a valid...

Astra Linux – Vulnerability in libstb

There is a heap-based buffer overflow vulnerability in the comment functionality of stbvorbis.c v1.22. A specially crafted .ogg file can lead to an out-of-bounds write. An attacker can provide a malicious file to exploit this vulnerability...

SUSE CVE-2023-45664

stbimage is a single file MIT licensed library for processing images. A crafted image file can trigger stbiloadgifmainoutofmem attempt to double-free the out variable. This happens in stbiloadgifmain because when the layers stride value is zero the behavior is implementation defined, but common...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd: pmc: Fixed a memory leak in amdpmcstbdebugfsopenv2. The function amdpmcstbdebugfsopenv2 may be called when the STB debug mechanism is enabled. When amdpmcsendcmd fails, the ‘buf’ variable needs to be released...

Astra Linux – Vulnerability in libstb

STBVorbis is a single-file library licensed under MIT that processes OGG Vorbis files. A maliciously crafted file may cause memory writes to exceed the allocated heap buffer in startdecoder. The root cause of this issue is a potential integer overflow in sizeofchar f-commentlistlength, which may...

Astra Linux - уязвимость в libstb

Buffer overflow vulnerability in the function stbiextendreceive in stbimage.h in stb 2.26, caused by a crafted JPEG file...

Astra Linux – Vulnerability in libstb

It was discovered that Nothings stb 2.28 contains a Null Pointer Dereference issue through the stbiconvertformat function. This vulnerability allows attackers to cause a Denial of Service DoS attack using a specially crafted PIC file...

Astra Linux – Vulnerability in libstb

stbimage is a single-file library licensed under MIT that processes images. It might seem like stbiloadgifmain does not provide any guarantees regarding the content of the output value delays in case of failure. Although it sets delays to zero at the beginning, it does not do so if the image is n...

[SECURITY] Fedora 44 Update: stb-0^20260313git904aa67-2.fc44

Single-file public domain libraries for C/C++...

[SECURITY] Fedora 42 Update: stb-0^20260313git904aa67-2.fc42

Single-file public domain libraries for C/C++...

[SECURITY] Fedora 43 Update: stb-0^20260313git904aa67-2.fc43

Single-file public domain libraries for C/C++...

Fedora 42 : stb (2026-651e3129a9)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-651e3129a9 advisory. Fix access/use of uninitialized memory in stbimage Tenable has extracted the preceding description block directly from the Fedora security advisory. Note tha...

SUSE CVE-2026-5313

A vulnerability has been found in Nothings stb up to 2.30. This issue affects the function stbigifloadnext in the library stbimage.h of the component GIF Decoder. Such manipulation leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the public and ma...

SUSE CVE-2026-5316

A vulnerability was identified in Nothings stb up to 1.22. The impacted element is the function setupfree of the file stbvorbis.c. The manipulation leads to allocation of resources. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The vendor...

Linux Distros Unpatched Vulnerability : CVE-2026-5313

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability has been found in Nothings stb up to 2.30. This issue affects the function stbigifloadnext in the library stbimage.h of the component GIF Decode...

Linux Distros Unpatched Vulnerability : CVE-2026-5186

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A weakness has been identified in Nothings stb up to 2.30. This impacts the function stbiloadgifmain of the file stbimage.h of the component Multi-frame GIF Fil...

CVE-2026-5314

A flaw was found in Nothings stb, specifically within the stbttInitFontinternal function in the stbtruetype.h library. A remote attacker can exploit this vulnerability by performing a manipulation that leads to an out-of-bounds read. This can result in a Denial of Service DoS, making the affected...

CVE-2026-5317

A flaw was found in Nothings stb, a library used for processing audio. A remote attacker can exploit a vulnerability involving an out-of-bounds write within the startdecoder function. This issue could allow an attacker to cause the application to crash, disclose sensitive information, or corrupt...

EUVD-2026-18114

A security flaw has been discovered in Nothings stb up to 1.22. This affects the function startdecoder of the file stbvorbis.c. The manipulation results in out-of-bounds write. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. The...