openEuler 22.03 LTS SP2 update for stb

1) Out-of-bounds write

EUVDB-ID: #VU102289

Risk: High

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2023-45675

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of bounds write and lead to code execution.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

openEuler: 22.03 LTS SP2

stb-help: before 0.20220908git8b5f1f3-0.13

stb_herringbone_wang_tile-devel: before 0.7.20220908git8b5f1f3-0.13

stb_textedit-devel: before 1.14.20220908git8b5f1f3-0.13

stb_perlin-devel: before 0.5.20220908git8b5f1f3-0.13

stb_vorbis-devel: before 1.22.20220908git8b5f1f3-0.13

stb_rect_pack-devel: before 1.1.20220908git8b5f1f3-0.13

stb_leakcheck-devel: before 0.6.20220908git8b5f1f3-0.13

stb-devel: before 0.20220908git8b5f1f3-0.13

stb_image-devel: before 2.27.20220908git8b5f1f3-0.13

stb_divide-devel: before 0.94.20220908git8b5f1f3-0.13

stb_hexwave-devel: before 0.5.20220908git8b5f1f3-0.13

stb_voxel_render-devel: before 0.89.20220908git8b5f1f3-0.13

stb_ds-devel: before 0.67.20220908git8b5f1f3-0.13

stb_connected_components-devel: before 0.96.20220908git8b5f1f3-0.13

stb_image_resize-devel: before 0.97.20220908git8b5f1f3-0.13

stb_easy_font-devel: before 1.1.20220908git8b5f1f3-0.13

stb_truetype-devel: before 1.26.20220908git8b5f1f3-0.13

stb_c_lexer-devel: before 0.12.20220908git8b5f1f3-0.13

stb_dxt-devel: before 1.12.20220908git8b5f1f3-0.13

stb_sprintf-devel: before 1.10.20220908git8b5f1f3-0.13

stb_tilemap_editor-devel: before 0.42.20220908git8b5f1f3-0.13

stb_image_write-devel: before 1.16.20220908git8b5f1f3-0.13

stb: before 0.20220908git8b5f1f3-0.13

CPE2.3

• cpe:2.3:o:openeuler:openeuler:22.03:LTS SP2:*:*:*:*:*:*
• cpe:2.3:a:openeuler:stb-help:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:stb_herringbone_wang_tile-devel:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:stb_textedit-devel:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:stb_perlin-devel:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:stb_vorbis-devel:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:stb_rect_pack-devel:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:stb_leakcheck-devel:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:stb-devel:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:stb_image-devel:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:stb_divide-devel:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:stb_hexwave-devel:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:stb_voxel_render-devel:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:stb_ds-devel:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:stb_connected_components-devel:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:stb_image_resize-devel:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:stb_easy_font-devel:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:stb_truetype-devel:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:stb_c_lexer-devel:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:stb_dxt-devel:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:stb_sprintf-devel:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:stb_tilemap_editor-devel:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:stb_image_write-devel:*:*:*:*:*:openeuler:*:*
• cpe:2.3:a:openeuler:stb:*:*:*:*:*:openeuler:*:*

External links

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1410

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.