stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger memory write past an allocated heap buffer in `start_decoder`. The root cause is a potential integer overflow in `sizeof(char*) * (f->comment_list_length)` which may make `setup_malloc` allocate less memory than required. Since there is another integer overflow an attacker may overflow it too to force `setup_malloc` to return 0 and make the exploit more reliable. This issue may lead to code execution.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: GitHub_M
Published: 2023-10-20T23:26:56.100Z
Updated: 2024-07-11T15:56:42.884Z
Reserved: 2023-10-10T14:36:40.862Z
Link: CVE-2023-45681
JSON object: View
NVD Information
Status : Modified
Published: 2023-10-21T00:15:09.607
Modified: 2024-06-10T17:16:14.497
Link: CVE-2023-45681
JSON object: View
Redhat Information
No data.