Bug 2077019 (CVE-2022-28041) - CVE-2022-28041 stb: integer overflow in stbi__jpeg_decode_block_prog_dc() can lead to DoS
Summary: CVE-2022-28041 stb: integer overflow in stbi__jpeg_decode_block_prog_dc() can...
Keywords:
Status: NEW
Alias: CVE-2022-28041
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2083035 2077020 2077021 2077054
Blocks: 2077041
TreeView+ depends on / blocked
 
Reported: 2022-04-20 13:48 UTC by Guilherme de Almeida Suckevicz
Modified: 2022-05-09 06:45 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:


Attachments (Terms of Use)

Description Guilherme de Almeida Suckevicz 2022-04-20 13:48:32 UTC
stb_image.h v2.27 was discovered to contain an integer overflow via the function stbi__jpeg_decode_block_prog_dc. This vulnerability allows attackers to cause a Denial of Service (DoS) via unspecified vectors.

Reference:
https://github.com/nothings/stb/issues/1292

Upstream patch:
https://github.com/nothings/stb/pull/1297

Comment 1 Guilherme de Almeida Suckevicz 2022-04-20 13:48:51 UTC
Created stb tracking bugs for this issue:

Affects: epel-all [bug 2077021]
Affects: fedora-all [bug 2077020]

Comment 2 Ben Beasley 2022-04-23 15:25:37 UTC
Created PR for sdrpp: https://src.fedoraproject.org/rpms/sdrpp/pull-request/2

Comment 3 Ben Beasley 2022-04-23 15:34:58 UTC
Created PR for gamescope: https://src.fedoraproject.org/rpms/gamescope/pull-request/2

Comment 4 Ben Beasley 2022-04-23 17:04:35 UTC
Created PR for zxing-cpp: https://src.fedoraproject.org/rpms/zxing-cpp/pull-request/2

Comment 5 Ben Beasley 2022-04-23 17:17:43 UTC
Created PR for mlpack: https://src.fedoraproject.org/rpms/mlpack/pull-request/5

Comment 6 Ben Beasley 2022-04-23 17:46:18 UTC
Created PR for CuraEngine: https://src.fedoraproject.org/rpms/CuraEngine/pull-request/21

Created PR for assimp: https://src.fedoraproject.org/rpms/assimp/pull-request/5

That should generally cover the dependent packages that build with header-only stb_image from the stb package. There are a couple of others (SOIL, SFML) that are based on forks of older stb_image versions or have otherwise never been adjusted to use an external stb_image.

Comment 7 Fedora Update System 2022-05-02 07:08:09 UTC
FEDORA-2022-bc606b86f4 has been pushed to the Fedora 35 stable repository.
If problem still persists, please make note of it in this bug report.

Comment 8 Fedora Update System 2022-05-02 07:30:37 UTC
FEDORA-2022-cc64b21327 has been pushed to the Fedora 34 stable repository.
If problem still persists, please make note of it in this bug report.

Comment 9 Fedora Update System 2022-05-07 04:30:27 UTC
FEDORA-2022-0125d9cd29 has been pushed to the Fedora 36 stable repository.
If problem still persists, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.