stb_image is a single file MIT licensed library for processing images. A crafted image file can trigger `stbi__load_gif_main_outofmem` attempt to double-free the out variable. This happens in `stbi__load_gif_main` because when the `layers * stride` value is zero the behavior is implementation defined, but common that realloc frees the old memory and returns null pointer. Since it attempts to double-free the memory a few lines below the first “free”, the issue can be potentially exploited only in a multi-threaded environment. In the worst case this may lead to code execution.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: GitHub_M
Published: 2023-10-20T23:26:40.320Z
Updated: 2023-10-20T23:26:40.320Z
Reserved: 2023-10-10T14:36:40.860Z
Link: CVE-2023-45664
JSON object: View
NVD Information
Status : Modified
Published: 2023-10-21T00:15:09.003
Modified: 2023-11-04T06:15:53.193
Link: CVE-2023-45664
JSON object: View
Redhat Information
No data.
CWE