Vulnerabilities > CVE-2023-45680 - NULL Pointer Dereference vulnerability in Nothings STB Vorbis.C 1.22

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

nothings

CWE-476

NVD

Published: 2023-10-21

Updated: 2023-10-26

Summary

stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger memory allocation failure in `start_decoder`. In that case the function returns early, the `f->comment_list` is set to `NULL`, but `f->comment_list_length` is not reset. Later in `vorbis_deinit` it tries to dereference the `NULL` pointer. This issue may lead to denial of service.

Vulnerable Configurations

Part	Description	Count
Application	Nothings Nothings STB Vorbis.C 1.22	1

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

References

https://github.com/nothings/stb/blob/5736b15f7ea0ffb08dd38af21067c314d6a3aae9/stb_vorbis.c#L3660-L3666
https://github.com/nothings/stb/blob/5736b15f7ea0ffb08dd38af21067c314d6a3aae9/stb_vorbis.c#L4208-L4215
https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/