CVE-2023-45661 Wild address read in stbi__gif_load_next in stb_image

2023-10-2023:26:08

CWE-125

GitHub_M

github.com

cve-2023-45661; stbi__gif_load_next; stb_image; memcpy read; out of bounds; crafted image file; internal memory leakage; memory address.

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

AI Score

6.7

Confidence

Low

SSVC

Exploitation

poc

Automatable

yes

Technical Impact

partial

JSON

stb_image is a single file MIT licensed library for processing images. A crafted image file may trigger out of bounds memcpy read in stbi__gif_load_next. This happens because two_back points to a memory address lower than the start of the buffer out. This issue may be used to leak internal memory allocation information.

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:a:nothings:stb_image:*:*:*:*:*:*:*:*"
    ],
    "vendor": "nothings",
    "product": "stb_image",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "versionType": "custom",
        "lessThanOrEqual": "2.28"
      }
    ],
    "defaultStatus": "unknown"
  }
]