Bug 1198582 (CVE-2022-28041)

Summary: VUL-1: CVE-2022-28041, CVE-2022-28042, CVE-2022-28048: stb: stb_image.h v2.27 multiple issues
Product: [openSUSE] openSUSE Distribution
Reporter: Hu <cathy.hu>
Component: Security
Assignee: Adrian Schröter <adrian.schroeter>
Status: NEW ---
QA Contact: Security Team bot <security-team>
Severity: Minor
Priority: P4 - Low
Version: Leap 15.4
Target Milestone: ---
Hardware: Other
OS: Other
URL: https://smash.suse.de/issue/329409/
Whiteboard:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Description Hu 2022-04-19 07:40:36 UTC
CVE-2022-28041:
stb_image.h v2.27 was discovered to contain an integer overflow via the function stbi__jpeg_decode_block_prog_dc. This vulnerability allows attackers to cause a Denial of Service (DoS) via unspecified vectors.

CVE-2022-28042:
stb_image.h v2.27 was discovered to contain a heap-based use-after-free via the function stbi__jpeg_huff_decode.

CVE-2022-28048:
STB v2.27 was discovered to contain an integer shift of invalid size in the component stbi__jpeg_decode_block_prog_ac.

References:
https://nvd.nist.gov/vuln/detail/CVE-2022-28041
https://nvd.nist.gov/vuln/detail/CVE-2022-28042
https://nvd.nist.gov/vuln/detail/CVE-2022-28048

Upstream:
https://github.com/nothings/stb/issues/1289
https://github.com/nothings/stb/issues/1292
https://github.com/nothings/stb/issues/1293
https://github.com/nothings/stb/pull/1297

Comment 1 Hu 2022-04-19 08:18:08 UTC
Affected:
- openSUSE:Backports:SLE-15-SP3/stb
- openSUSE:Backports:SLE-15-SP3:Update/stb
- openSUSE:Backports:SLE-15-SP4/stb
- openSUSE:Factory/stb
- openSUSE:Factory:RISCV/stb