OGRECave Ogre Memory Management Vulnerability in STBIImageCodec
Vulnerability
A vulnerability exists in OGRECave Ogre versions through 14.4.1 within the STBIImageCodec::encode function. This issue stems from an improper handling of memory allocation and deallocation, where memory allocated by the STB image writing library is incorrectly freed using a different memory management operator. This mismatch creates undefined behavior, which can be exploited. The vulnerability requires local execution to be exploited.
Impact
Exploitation of this vulnerability leads to a memory management error, specifically an allocation-deallocation mismatch, which can cause undefined behavior in the application.
Reproduction
The vulnerability can be reproduced by compiling OGRECave Ogre with the Clang compiler, version 13.0.1, and using the AddressSanitizer and UndefinedBehaviorSanitizer. After building the application, the STBIImageCodec can be fuzzed with crafted input that triggers the memory management mismatch. This can be done using a proof-of-concept fuzzer that is available as part of the VulDB entry for this vulnerability.
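As an added example (not code from Ogre or from the stb library), the following C++ sketch shows the bug class beside its mitigation: a buffer handed back by a malloc-based C encoder must be released with free, which a unique_ptr with a custom deleter enforces so the mismatch cannot recur. The encoder stub_encode_to_mem and the free-call counter are constructed stand-ins, not stb_image_write's API.

```cpp
#include <cstdlib>
#include <cstring>
#include <memory>
#include <vector>

// Constructed stand-in for an stb_image_write style encoder. The real library
// hands back buffers obtained via its STBIW_MALLOC hook, which defaults to
// malloc(), so the caller must release them with the matching free().
static unsigned char* stub_encode_to_mem(const unsigned char* pixels, int len, int* out_len) {
    unsigned char* buf = static_cast<unsigned char*>(std::malloc(static_cast<size_t>(len)));
    if (!buf) return nullptr;
    std::memcpy(buf, pixels, static_cast<size_t>(len));
    *out_len = len;
    return buf;
}

// The bug class (shown for contrast, never called): releasing a malloc()ed
// buffer with delete[] is undefined behavior; AddressSanitizer reports it as
// alloc-dealloc-mismatch.
[[maybe_unused]] static void release_mismatched(unsigned char* buf) { delete[] buf; }

// Counter (constructed) so a test can observe that the correct path ran.
static int g_free_calls = 0;

// The fix: a deleter that invokes the same deallocator the encoder used.
struct CFreeDeleter {
    void operator()(unsigned char* p) const { std::free(p); ++g_free_calls; }
};
using CBuffer = std::unique_ptr<unsigned char, CFreeDeleter>;

// Copy the encoded bytes into a C++ container; the C buffer is released by
// CFreeDeleter when `raw` leaves scope, matching the malloc() above.
static std::vector<unsigned char> encode_and_take_ownership(const std::vector<unsigned char>& pixels) {
    int n = 0;
    CBuffer raw(stub_encode_to_mem(pixels.data(), static_cast<int>(pixels.size()), &n));
    if (!raw) return {};
    return std::vector<unsigned char>(raw.get(), raw.get() + n);
}

// Round trip on constructed sample pixels: bytes survive intact and exactly
// one free() happened. Returns true when both hold.
static bool demo_roundtrip() {
    const std::vector<unsigned char> pixels = {1, 2, 3, 4, 5, 6};
    g_free_calls = 0;
    std::vector<unsigned char> out = encode_and_take_ownership(pixels);
    return out == pixels && g_free_calls == 1;
}

int main() { return demo_roundtrip() ? 0 : 1; }
```

Building this with -fsanitize=address and swapping the deleter for release_mismatched is the same mismatch the advisory's fuzzing setup detects.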
