| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAP6wrbXZsh1_Ub_TigBHTHmErDnrxpiBgjzGhdSnQYgANO3FNA@mail.gmail.com> Date: Sun, 1 Aug 2021 21:05:23 +0200 From: Marcin Kozlowski <marcinguy@...il.com> To: fulldisclosure@...lists.org Subject: [FD] Stb_truetype library heap buffer overflows (many CVEs, no CVEs yet) Hi list, Posting here for transparency reasons. A 16k stars project, used in, I can imagine game engines, UI, Android/iOS/embedded. Used in another 30k stars project and 11k from even Google (also possibly not fixed). OpenCV 55k stars seems to be also affected (new branch only). Attack vector through malicious font. Buy me a beer if you will get bounty on it and initial fuzzing person https://github.com/nothings/stb/issues/618 Should this have a codename "BadSTB" lol. Thoughts? Per Developer library was not intended to work with untrusted data. Be careful when using it, consider a replacement. This is PSA. Thanks, P.S Full thread here: https://twitter.com/marcinguy/status/1421740689516339200?s=19 _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists