CVE-2023-1999

Name
CVE-2023-1999
Description
There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to trial and the AddressSanitizer will attempt a double free. 
NVD Severity
medium
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
MISC https://chromium.googlesource.com/webm/libwebp
MISC https://security.gentoo.org/glsa/202309-05

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:webmproject:libwebp:*:*:*:*:*:*:*:* libwebp >= 0.4.2 < 1.3.1

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
libwebp 3.17-main 1.2.4-r3 Natanael Copa <ncopa@alpinelinux.org> fixed
libwebp 3.16-main 1.2.3-r2 Natanael Copa <ncopa@alpinelinux.org> fixed
libwebp 3.15-main 1.2.2-r2 Natanael Copa <ncopa@alpinelinux.org> fixed