CVE-2023-45679Double Free in STB Vorbis.c

CWE-415Double Free4 documents4 sources
Severity
7.8HIGHNVD
CNA7.3
EPSS
0.1%
top 84.71%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Nothings STBNothings STB Vorbis.c
Timeline
PublishedOct 21

Description

stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger memory allocation failure in `start_decoder`. In that case the function returns early, but some of the pointers in `f->comment_list` are left initialized and later `setup_free` is called on these pointers in `vorbis_deinit`. This issue may lead to code execution.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

CVEListV5nothings/stb1.22

🔴Vulnerability Details

2
OSV
CVE-2023-45679: stb_vorbis is a single file MIT licensed library for processing ogg vorbis files2023-10-21
CVEList
Attempt to free an uninitialized memory pointer in vorbis_deinit in stb_vorbis2023-10-20

📋Vendor Advisories

1
Debian
CVE-2023-45679: libstb - stb_vorbis is a single file MIT licensed library for processing ogg vorbis files...2023
CVE-2023-45679 — Double Free in Nothings STB Vorbis.c | cvebase