Nothing's STB Out-of-Bounds Read Vulnerability in Header Array Handler

Vulnerability

An out-of-bounds read vulnerability has been identified in Nothing's STB, prior to commit f056911. The issue arises in the function 'stbhw_build_tileset_from_image' within the Header Array Handler component. This vulnerability can be exploited remotely by manipulating the 'w' argument.

Impact

Exploitation of this vulnerability leads to an out-of-bounds read, which can potentially be used to read memory locations outside the intended buffer, possibly causing information disclosure or allowing further exploitation.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

4.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

4.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Nothing's STB Out-of-Bounds Read Vulnerability in Header Array Handler

Vulnerability

Impact

Affected Products

Nothing stb

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating