CVE-2023-0996 - Vulnerability Details - OpenCVE

There is a vulnerability in the strided image data parsing code in the emscripten wrapper for libheif. An attacker could exploit this through a crafted image file to cause a buffer overflow in linear memory during a memcpy call.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Struktur	Libheif

Configuration 1 [-]

cpe:2.3:a:struktur:libheif:1.14.2:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/strukturag/libheif/pull/759
https://govtech-csg.github.io/security-advisories/2023/02/24/CVE-2023-0996.html

History

Tue, 11 Mar 2025 21:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: GovTech CSG

Published: 2023-02-24T03:35:58.752Z

Updated: 2025-03-11T20:47:36.950Z

Reserved: 2023-02-24T03:17:18.663Z

Link: CVE-2023-0996

Vulnrichment

Updated: 2024-08-02T05:32:46.260Z

NVD

Status : Modified

Published: 2023-02-24T04:15:12.317

Modified: 2025-03-11T21:15:39.683

Link: CVE-2023-0996

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-0996", "assignerOrgId": "1a37b84a-8e51-4525-b3d6-87e2fae01dbd", "state": "PUBLISHED", "assignerShortName": "GovTech CSG", "dateReserved": "2023-02-24T03:17:18.663Z", "datePublished": "2023-02-24T03:35:58.752Z", "dateUpdated": "2025-03-11T20:47:36.950Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "libheif", "repo": "https://github.com/strukturag/libheif", "vendor": "Struktur", "versions": [{"status": "affected", "version": "1.14.2"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<p>There is a vulnerability in the strided image data parsing code in the emscripten wrapper for libheif. An attacker could exploit this through a crafted image file to cause a buffer overflow in linear memory during a memcpy call.<u></u><u></u></p><br>\n\n"}], "value": "\nThere is a vulnerability in the strided image data parsing code in the emscripten wrapper for libheif. An attacker could exploit this through a crafted image file to cause a buffer overflow in linear memory during a memcpy call.\n\n\n\n\n"}], "impacts": [{"capecId": "CAPEC-100", "descriptions": [{"lang": "en", "value": "CAPEC-100 Overflow Buffers"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-120", "description": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "1a37b84a-8e51-4525-b3d6-87e2fae01dbd", "shortName": "GovTech CSG", "dateUpdated": "2023-02-24T03:35:58.752Z"}, "references": [{"url": "https://github.com/strukturag/libheif/pull/759"}, {"url": "https://govtech-csg.github.io/security-advisories/2023/02/24/CVE-2023-0996.html"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T05:32:46.260Z"}, "title": "CVE Program Container", "references": [{"url": "https://github.com/strukturag/libheif/pull/759", "tags": ["x_transferred"]}, {"url": "https://govtech-csg.github.io/security-advisories/2023/02/24/CVE-2023-0996.html", "tags": ["x_transferred"]}]}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-03-11T20:46:37.332139Z", "id": "CVE-2023-0996", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-11T20:47:36.950Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/strukturag/libheif/pull/759", "tags": ["x_transferred"]}, {"url": "https://govtech-csg.github.io/security-advisories/2023/02/24/CVE-2023-0996.html", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T05:32:46.260Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2023-0996", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-03-11T20:46:37.332139Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-11T20:47:32.125Z"}}], "cna": {"source": {"discovery": "UNKNOWN"}, "impacts": [{"capecId": "CAPEC-100", "descriptions": [{"lang": "en", "value": "CAPEC-100 Overflow Buffers"}]}], "affected": [{"repo": "https://github.com/strukturag/libheif", "vendor": "Struktur", "product": "libheif", "versions": [{"status": "affected", "version": "1.14.2"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://github.com/strukturag/libheif/pull/759"}, {"url": "https://govtech-csg.github.io/security-advisories/2023/02/24/CVE-2023-0996.html"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "\nThere is a vulnerability in the strided image data parsing code in the emscripten wrapper for libheif. An attacker could exploit this through a crafted image file to cause a buffer overflow in linear memory during a memcpy call.\n\n\n\n\n", "supportingMedia": [{"type": "text/html", "value": "\n\n<p>There is a vulnerability in the strided image data parsing code in the emscripten wrapper for libheif. An attacker could exploit this through a crafted image file to cause a buffer overflow in linear memory during a memcpy call.<u></u><u></u></p><br>\n\n", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-120", "description": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"}]}], "providerMetadata": {"orgId": "1a37b84a-8e51-4525-b3d6-87e2fae01dbd", "shortName": "GovTech CSG", "dateUpdated": "2023-02-24T03:35:58.752Z"}}}, "cveMetadata": {"cveId": "CVE-2023-0996", "state": "PUBLISHED", "dateUpdated": "2025-03-11T20:47:36.950Z", "dateReserved": "2023-02-24T03:17:18.663Z", "assignerOrgId": "1a37b84a-8e51-4525-b3d6-87e2fae01dbd", "datePublished": "2023-02-24T03:35:58.752Z", "assignerShortName": "GovTech CSG"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:struktur:libheif:1.14.2:*:*:*:*:*:*:*", "matchCriteriaId": "91D5E710-7894-4E2C-BE7B-9957FCFF6FC3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "\nThere is a vulnerability in the strided image data parsing code in the emscripten wrapper for libheif. An attacker could exploit this through a crafted image file to cause a buffer overflow in linear memory during a memcpy call.\n\n\n\n\n"}], "id": "CVE-2023-0996", "lastModified": "2025-03-11T21:15:39.683", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2023-02-24T04:15:12.317", "references": [{"source": "cve_disclosure@tech.gov.sg", "tags": ["Patch", "Vendor Advisory"], "url": "https://github.com/strukturag/libheif/pull/759"}, {"source": "cve_disclosure@tech.gov.sg", "tags": ["Third Party Advisory"], "url": "https://govtech-csg.github.io/security-advisories/2023/02/24/CVE-2023-0996.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://github.com/strukturag/libheif/pull/759"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://govtech-csg.github.io/security-advisories/2023/02/24/CVE-2023-0996.html"}], "sourceIdentifier": "cve_disclosure@tech.gov.sg", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-120"}], "source": "cve_disclosure@tech.gov.sg", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-120"}], "source": "nvd@nist.gov", "type": "Primary"}]}