CVE-2021-42716
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
2Exploited in Wild
-Decision
Descriptions
An issue was discovered in stb stb_image.h 2.27. The PNM loader incorrectly interpreted 16-bit PGM files as 8-bit when converting to RGBA, leading to a buffer overflow when later reinterpreting the result as a 16-bit buffer. An attacker could potentially have crashed a service using stb_image, or read up to 1024 bytes of non-consecutive heap data without control over the read location.
Se ha detectado un problema en stb stb_image.h versión 2.27. El cargador de PNM interpretaba incorrectamente los archivos PGM de 16 bits como de 8 bits cuando los convertía a RGBA, conllevando a un desbordamiento del búfer cuando se reinterpreta posteriormente el resultado como un búfer de 16 bits. Un atacante podría potencialmente bloquear un servicio usando stb_image, o leer hasta 1024 bytes de datos de la pila no consecutivos sin control sobre la ubicación de lectura
CVSS Scores
SSVC
- Decision:-
Timeline
- 2021-10-19 CVE Reserved
- 2021-10-21 CVE Published
- 2024-07-06 EPSS Updated
- 2024-08-04 CVE Updated
- 2024-08-04 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CAPEC
References (12)
URL | Tag | Source |
---|---|---|
https://github.com/nothings/stb/pull/1223 | Third Party Advisory |
URL | Date | SRC |
---|---|---|
https://github.com/nothings/stb/issues/1166 | 2024-08-04 | |
https://github.com/nothings/stb/issues/1225 | 2024-08-04 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Nothings Search vendor "Nothings" | Stb Image.h Search vendor "Nothings" for product "Stb Image.h" | 2.27 Search vendor "Nothings" for product "Stb Image.h" and version "2.27" | - |
Affected
| ||||||
Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 33 Search vendor "Fedoraproject" for product "Fedora" and version "33" | - |
Affected
| ||||||
Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 34 Search vendor "Fedoraproject" for product "Fedora" and version "34" | - |
Affected
| ||||||
Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 35 Search vendor "Fedoraproject" for product "Fedora" and version "35" | - |
Affected
|