An update for stb is now available for openEuler-22.03-LTS-SP3 Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2024-1583 Final 1.0 1.0 2024-05-17 Initial 2024-05-17 2024-05-17 openEuler SA Tool V1.0 2024-05-17 stb security update An update for stb is now available for openEuler-22.03-LTS-SP3. Single-file public domain libraries for C/C++. Security Fix(es): stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger memory write past an allocated heap buffer in `start_decoder`. The root cause is a potential integer overflow in `sizeof(char*) * (f->comment_list_length)` which may make `setup_malloc` allocate less memory than required. Since there is another integer overflow an attacker may overflow it too to force `setup_malloc` to return 0 and make the exploit more reliable. This issue may lead to code execution.(CVE-2023-45681) A heap-based buffer overflow vulnerability exists in the comment functionality of stb _vorbis.c v1.22. A specially crafted .ogg file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability.(CVE-2023-47212) An update for stb is now available for openEuler-22.03-LTS-SP3. openEuler Security has rated this update as having a security impact of critical. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. Critical stb https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2024-1583 https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2023-45681 https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2023-47212 https://nvd.nist.gov/vuln/detail/CVE-2023-45681 https://nvd.nist.gov/vuln/detail/CVE-2023-47212 openEuler-22.03-LTS-SP3 stb_tilemap_editor-devel-0.42.20220908git8b5f1f3-0.16.oe2203sp3.aarch64.rpm stb_voxel_render-devel-0.89.20220908git8b5f1f3-0.16.oe2203sp3.aarch64.rpm stb_sprintf-devel-1.10.20220908git8b5f1f3-0.16.oe2203sp3.aarch64.rpm stb_dxt-devel-1.12.20220908git8b5f1f3-0.16.oe2203sp3.aarch64.rpm stb_image_write-devel-1.16.20220908git8b5f1f3-0.16.oe2203sp3.aarch64.rpm stb_hexwave-devel-0.5.20220908git8b5f1f3-0.16.oe2203sp3.aarch64.rpm stb_image_resize-devel-0.97.20220908git8b5f1f3-0.16.oe2203sp3.aarch64.rpm stb_image-devel-2.27.20220908git8b5f1f3-0.16.oe2203sp3.aarch64.rpm stb_vorbis-devel-1.22.20220908git8b5f1f3-0.16.oe2203sp3.aarch64.rpm stb_easy_font-devel-1.1.20220908git8b5f1f3-0.16.oe2203sp3.aarch64.rpm stb_divide-devel-0.94.20220908git8b5f1f3-0.16.oe2203sp3.aarch64.rpm stb_herringbone_wang_tile-devel-0.7.20220908git8b5f1f3-0.16.oe2203sp3.aarch64.rpm stb-devel-0.20220908git8b5f1f3-0.16.oe2203sp3.aarch64.rpm stb_truetype-devel-1.26.20220908git8b5f1f3-0.16.oe2203sp3.aarch64.rpm stb_perlin-devel-0.5.20220908git8b5f1f3-0.16.oe2203sp3.aarch64.rpm stb_connected_components-devel-0.96.20220908git8b5f1f3-0.16.oe2203sp3.aarch64.rpm stb_rect_pack-devel-1.1.20220908git8b5f1f3-0.16.oe2203sp3.aarch64.rpm stb_ds-devel-0.67.20220908git8b5f1f3-0.16.oe2203sp3.aarch64.rpm stb_leakcheck-devel-0.6.20220908git8b5f1f3-0.16.oe2203sp3.aarch64.rpm stb_c_lexer-devel-0.12.20220908git8b5f1f3-0.16.oe2203sp3.aarch64.rpm stb_textedit-devel-1.14.20220908git8b5f1f3-0.16.oe2203sp3.aarch64.rpm stb-help-0.20220908git8b5f1f3-0.16.oe2203sp3.noarch.rpm stb-0.20220908git8b5f1f3-0.16.oe2203sp3.src.rpm stb_connected_components-devel-0.96.20220908git8b5f1f3-0.16.oe2203sp3.x86_64.rpm stb_image-devel-2.27.20220908git8b5f1f3-0.16.oe2203sp3.x86_64.rpm stb_sprintf-devel-1.10.20220908git8b5f1f3-0.16.oe2203sp3.x86_64.rpm stb_leakcheck-devel-0.6.20220908git8b5f1f3-0.16.oe2203sp3.x86_64.rpm stb_c_lexer-devel-0.12.20220908git8b5f1f3-0.16.oe2203sp3.x86_64.rpm stb-devel-0.20220908git8b5f1f3-0.16.oe2203sp3.x86_64.rpm stb_truetype-devel-1.26.20220908git8b5f1f3-0.16.oe2203sp3.x86_64.rpm stb_divide-devel-0.94.20220908git8b5f1f3-0.16.oe2203sp3.x86_64.rpm stb_voxel_render-devel-0.89.20220908git8b5f1f3-0.16.oe2203sp3.x86_64.rpm stb_image_write-devel-1.16.20220908git8b5f1f3-0.16.oe2203sp3.x86_64.rpm stb_tilemap_editor-devel-0.42.20220908git8b5f1f3-0.16.oe2203sp3.x86_64.rpm stb_herringbone_wang_tile-devel-0.7.20220908git8b5f1f3-0.16.oe2203sp3.x86_64.rpm stb_image_resize-devel-0.97.20220908git8b5f1f3-0.16.oe2203sp3.x86_64.rpm stb_easy_font-devel-1.1.20220908git8b5f1f3-0.16.oe2203sp3.x86_64.rpm stb_ds-devel-0.67.20220908git8b5f1f3-0.16.oe2203sp3.x86_64.rpm stb_hexwave-devel-0.5.20220908git8b5f1f3-0.16.oe2203sp3.x86_64.rpm stb_perlin-devel-0.5.20220908git8b5f1f3-0.16.oe2203sp3.x86_64.rpm stb_rect_pack-devel-1.1.20220908git8b5f1f3-0.16.oe2203sp3.x86_64.rpm stb_vorbis-devel-1.22.20220908git8b5f1f3-0.16.oe2203sp3.x86_64.rpm stb_dxt-devel-1.12.20220908git8b5f1f3-0.16.oe2203sp3.x86_64.rpm stb_textedit-devel-1.14.20220908git8b5f1f3-0.16.oe2203sp3.x86_64.rpm stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger memory write past an allocated heap buffer in `start_decoder`. The root cause is a potential integer overflow in `sizeof(char*) * (f->comment_list_length)` which may make `setup_malloc` allocate less memory than required. Since there is another integer overflow an attacker may overflow it too to force `setup_malloc` to return 0 and make the exploit more reliable. This issue may lead to code execution. 2024-05-17 CVE-2023-45681 openEuler-22.03-LTS-SP3 High 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H stb security update 2024-05-17 https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2024-1583 A heap-based buffer overflow vulnerability exists in the comment functionality of stb _vorbis.c v1.22. A specially crafted .ogg file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability. 2024-05-17 CVE-2023-47212 openEuler-22.03-LTS-SP3 Critical 9.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H stb security update 2024-05-17 https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2024-1583