Bug 2141433 (CVE-2021-37789) - CVE-2021-37789 stb_image: heap-based buffer overflow
Summary: CVE-2021-37789 stb_image: heap-based buffer overflow
Keywords:
Status: NEW
Alias: CVE-2021-37789
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Nobody
QA Contact:
URL:
Whiteboard:
Depends On: 2141794 2141820 2141821 2141822
Blocks: 2139604
TreeView+ depends on / blocked
 
Reported: 2022-11-09 20:28 UTC by Marco Benatto
Modified: 2023-07-07 08:34 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in stb_image. This issue occurs while processing the frame header information when the plane sampling configurations are calculated in two different ways, generating different results due to integer approximation. The value is further used to access several buffers, leading to a heap based out-of-bound read. This causes a heap data leak or an application crash, resulting in a denial of service.
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)

Description Marco Benatto 2022-11-09 20:28:08 UTC 
stb_image.h 2.27 has a heap-based buffer over in stbi__jpeg_load, leading to Information Disclosure or Denial of Service.
Comment 1 Marco Benatto 2022-11-10 18:18:43 UTC 
Created stbi tracking bugs for this issue:

Affects: fedora-all [bug 2141794]
Comment 2 Marco Benatto 2022-11-10 19:32:29 UTC 
Public commit for this issue:
https://github.com/nothings/stb/commit/5ba0baaa269b3fd681828e0e3b3ac0f1472eaf40
Note You need to log in before you can comment on or make changes to this bug.