Nothing STB Out-of-Bounds Read Vulnerability in stbhw_build_tileset_from_image Function

Vulnerability

A critical out-of-bounds read vulnerability has been identified in Nothing's STB product, in versions prior to f056911. The issue arises in the function stbhw_build_tileset_from_image, where improper handling of the h_count and v_count arguments allows for out-of-bounds memory access. This vulnerability can be exploited remotely.

Impact

Exploitation of this vulnerability leads to an out-of-bounds read, which can potentially be used to disclose sensitive information or cause a denial-of-service condition.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Nothing STB Out-of-Bounds Read Vulnerability in stbhw_build_tileset_from_image Function

Vulnerability

Impact

Affected Products

Nothing stb

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating