CVE-2023-45675
Last modified
CVE-2023-45675 is a high-severity vulnerability rated 7.8/10 on the CVSS scale. stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of bounds write in `f->vendor[len] = (char)'\0';`. EPSS estimates a 0.76% chance of exploitation in the next 30 days.
Description
stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of bounds write in `f->vendor[len] = (char)'\0';`. The root cause is that if the len read in `start_decoder` is `-1` and `len + 1` becomes 0 when passed to `setup_malloc`. The `setup_malloc` behaves differently when `f->alloc.alloc_buffer` is pre-allocated. Instead of returning `NULL` as in `malloc` case it shifts the pre-allocated buffer by zero and returns the currently available memory block. This issue may lead to code execution.
Metrics
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Nothings | Stb Vorbis.C | 1.22 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2023-45675?
How severe is CVE-2023-45675?
How do I fix CVE-2023-45675?
Are you affected by CVE-2023-45675?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST