Main Vulnerability Database Vulnerabilities #VU102292

Out-of-bounds write in stb_vorbis.c - CVE-2023-45678

Published: October 26, 2023 / Updated: January 3, 2025

Vulnerability identifier: #VU102292

CSH Severity: High

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber

CVE-ID: CVE-2023-45678

CWE-ID: CWE-787

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
stb_vorbis.c

Software vendor:
Sean Barrett

Description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of buffer write in `start_decoder` because at maximum `m->submaps` can be 16 but `submap_floor` and `submap_residue` are declared as arrays of 15 elements. This issue may lead to code execution.

Remediation

Install update from vendor's website.

External links

https://github.com/nothings/stb/blob/5736b15f7ea0ffb08dd38af21067c314d6a3aae9/stb_vorbis.c#L4074-L4079
https://github.com/nothings/stb/blob/5736b15f7ea0ffb08dd38af21067c314d6a3aae9/stb_vorbis.c#L753-L760
https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/

Out-of-bounds write in stb_vorbis.c - CVE-2023-45678

Description

Remediation

External links

Please verify you're human