CVE-2022-28042 : stb_image.h v2.27 was discovered to contain an heap-based use-after-free via the

stb_image.h v2.27 was discovered to contain an heap-based use-after-free via the function stbi__jpeg_huff_decode.

Published 2022-04-15 14:15:08

Updated 2023-02-23 18:49:41

Source MITRE

View at NVD, CVE.org

Vulnerability category: Memory Corruption

Products affected by CVE-2022-28042

Debian » Debian Linux » Version: 10.0
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
Matching versions
Fedoraproject » Fedora » Version: 34
cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
Matching versions
Fedoraproject » Fedora » Version: 35
cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
Matching versions
Fedoraproject » Fedora » Version: 36
cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*
Matching versions
Nothings » Stb Image.h » Version: 2.27
cpe:2.3:a:nothings:stb_image.h:2.27:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2022-28042

EPSS FAQ

0.33%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 71 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2022-28042

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
6.8	MEDIUM	AV:N/AC:M/Au:N/C:P/I:P/A:P	8.6	6.4	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial
8.8	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H	2.8	5.9	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: Required Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2022-28042

CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2022-28042

https://github.com/nothings/stb/issues/1289

AddressSanitizer: heap-use-after-free in stbi__jpeg_huff_decode · Issue #1289 · nothings/stb · GitHub
Exploit;Issue Tracking;Third Party Advisory
https://github.com/nothings/stb/pull/1297

Additional stb_image fixes for bugs from ossfuzz and issues 1289, 1291, 1292, and 1293 by NeilBickford-NV · Pull Request #1297 · nothings/stb · GitHub
Patch;Third Party Advisory

CVEs referencing this url
https://lists.debian.org/debian-lts-announce/2023/01/msg00045.html

[SECURITY] [DLA 3305-1] libstb security update
Mailing List;Third Party Advisory

CVEs referencing this url
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MMBCMJGAZRQS55SNECUWZSC5URVLEZ5R/

[SECURITY] Fedora 36 Update: stb-0^20210910gitaf1a5bc-0.2.fc36 - package-announce - Fedora Mailing-Lists
Mailing List;Third Party Advisory

CVEs referencing this url
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5FXLM5XL77SNH4IPTSXOQD7XL4E2EMIN/

[SECURITY] Fedora 35 Update: stb-0^20210910gitaf1a5bc-0.2.fc35 - package-announce - Fedora Mailing-Lists
Mailing List;Third Party Advisory

CVEs referencing this url
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I4HXIWU5HBOADXZVMREHT4YTO5WVYXEQ/

[SECURITY] Fedora 34 Update: stb-0^20210910gitaf1a5bc-0.2.fc34 - package-announce - Fedora Mailing-Lists
Mailing List;Third Party Advisory

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2022-28042

Products affected by CVE-2022-28042

Exploit prediction scoring system (EPSS) score for CVE-2022-28042

CVSS scores for CVE-2022-28042

CWE ids for CVE-2022-28042

References for CVE-2022-28042