Primary

Context

libming Memory Leak Vulnerability in parseSWF_MORPHLINESTYLES Function

Vulnerability

A memory leak vulnerability has been identified in libming version 0.4.8. The issue arises in the parseSWF_MORPHLINESTYLES function, where memory allocated for processing morph line styles is not properly deallocated after parsing. This oversight leads to memory leaks during the processing of SWF files, potentially causing applications to consume excessive memory and degrade performance.

Impact

Exploitation of this vulnerability leads to a memory leak, where allocated memory is not released, causing increased memory usage over time. This can result in applications consuming excessive resources, potentially leading to performance degradation or application crashes.

Reproduction

The vulnerability can be reproduced by using libming version 0.4.8 to parse SWF files that contain morph line styles. The memory leak can be observed using tools like AddressSanitizer, which will report the leaked memory after the parsing process.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

2.4

impact

2.5

exploitability

5.8

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.4

impact

2.5

exploitability

5.8

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

libming Memory Leak Vulnerability in parseSWF_MORPHLINESTYLES Function

Vulnerability

Impact

Reproduction

Affected Products

libming

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating