Bug 1198582 - (CVE-2022-28041) VUL-1: CVE-2022-28041, CVE-2022-28042, CVE-2022-28048: stb: stb_image.h v2.27 multiple issues
Status: NEW
Classification: openSUSE
Product: openSUSE Distribution
Component: Security
Version: Leap 15.4
Hardware: Other
OS: Other
Importance: P4 - Low, Minor
Assigned To: Adrian Schröter
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/329409/
Reported: 2022-04-19 07:40 UTC by Hu
Modified: 2022-04-19 08:18 UTC (History)
Found By: Security Response Team
Description Hu 2022-04-19 07:40:36 UTC
CVE-2022-28041:
stb_image.h v2.27 was discovered to contain an integer overflow via the function stbi__jpeg_decode_block_prog_dc. This vulnerability allows attackers to cause a Denial of Service (DoS) via unspecified vectors.

CVE-2022-28042:
stb_image.h v2.27 was discovered to contain a heap-based use-after-free via the function stbi__jpeg_huff_decode.

CVE-2022-28048:
STB v2.27 was discovered to contain an integer shift of invalid size in the component stbi__jpeg_decode_block_prog_ac.

References:
https://nvd.nist.gov/vuln/detail/CVE-2022-28041
https://nvd.nist.gov/vuln/detail/CVE-2022-28042
https://nvd.nist.gov/vuln/detail/CVE-2022-28048

Upstream:
https://github.com/nothings/stb/issues/1289
https://github.com/nothings/stb/issues/1292
https://github.com/nothings/stb/issues/1293
https://github.com/nothings/stb/pull/1297
Comment 1 Hu 2022-04-19 08:18:08 UTC
Affected:
- openSUSE:Backports:SLE-15-SP3/stb
- openSUSE:Backports:SLE-15-SP3:Update/stb
- openSUSE:Backports:SLE-15-SP4/stb
- openSUSE:Factory/stb
- openSUSE:Factory:RISCV/stb