CVE-2021-42716
Published: Oct 21, 2021
Modified: Aug 4, 2024
PUBLISHED
Description
An issue was discovered in stb stb_image.h 2.27. The PNM loader incorrectly interpreted 16-bit PGM files as 8-bit when converting to RGBA, leading to a buffer overflow when later reinterpreting the result as a 16-bit buffer. An attacker could potentially have crashed a service using stb_image, or read up to 1024 bytes of non-consecutive heap data without control over the read location.
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | affected n/a |
References
https://github.com/nothings/stb/issues/1166 (x_refsource_MISC)
https://github.com/nothings/stb/pull/1223 (x_refsource_MISC)
https://github.com/nothings/stb/issues/1225 (x_refsource_MISC)
FEDORA-2021-001f25d986 (vendor-advisory, x_refsource_FEDORA)
FEDORA-2021-d1446cd1ac (vendor-advisory, x_refsource_FEDORA)
FEDORA-2021-f8ba4a690e (vendor-advisory, x_refsource_FEDORA)
FEDORA-2021-0511a38484 (vendor-advisory, x_refsource_FEDORA)
FEDORA-2021-082bea5b34 (vendor-advisory, x_refsource_FEDORA)
FEDORA-2021-3fc69d203c (vendor-advisory, x_refsource_FEDORA)
FEDORA-2021-8ea648186c (vendor-advisory, x_refsource_FEDORA)
FEDORA-2021-16d848834d (vendor-advisory, x_refsource_FEDORA)
FEDORA-2022-832689aa6b (vendor-advisory, x_refsource_FEDORA)