GHSA-3w9w-9833-gcpv – directxtex_desktop_2019
Package
Manager: nuget
Name: directxtex_desktop_2019
Vulnerable Version: >=0 <2023.1.31.1
Severity
Level: Medium
CVSS v3.1: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N
EPSS: N/A (percentile: N/A)
Details
Security bug in ConvertToSinglePlane when used with untrusted content from the DDS loader

### Impact

A memory overwrite bug was reported by a security researcher in the **ConvertToSinglePlane** method via the *texconv* command-line tool when given an invalid height for planar video textures such as NV12. This can be a security bug for any client of the library that follows the same pattern.

This issue *does not* impact use of the DDS texture loader itself, only its combination with `ConvertToSinglePlane` for converting multi-planar video formats. All other functions in the library fail immediately if given images in planar formats.

### Patches

The fix to the specific area, as well as general hardening, can be found in [this PR](https://github.com/microsoft/DirectXTex/pull/307). This bug has been fixed in the January 31, 2023 or later release of DirectXTex.

### Workarounds

If your code makes use of **ConvertToSinglePlane**, validate that the width and height alignment requirements are met for the input image before calling the function.
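The workaround above, as an added example that is not part of the advisory or of DirectXTex: a pre-call check that rejects planar images whose dimensions violate the per-format alignment rules, so an odd NV12 height from an untrusted DDS file never reaches `ConvertToSinglePlane`. The `PlanarFormat` enum and `ValidatePlanarDims` are hypothetical stand-ins, and the multiples used are this example's reading of the DXGI_FORMAT documentation, not values from the page.

```cpp
#include <cstddef>

// Hypothetical stand-in for the planar DXGI video formats (names mirror
// DXGI_FORMAT_*); real code would switch on DXGI_FORMAT from dxgiformat.h.
enum class PlanarFormat { NV12, P010, P016, Opaque420, NV11, P208, V208, V408 };

// Required width/height multiples for the chroma plane to have whole rows and
// columns. Assumed from the DXGI_FORMAT docs; verify against your target API.
struct Alignment { size_t width; size_t height; };

Alignment PlanarAlignment(PlanarFormat fmt) {
    switch (fmt) {
    case PlanarFormat::NV12:
    case PlanarFormat::P010:
    case PlanarFormat::P016:
    case PlanarFormat::Opaque420: return {2, 2};  // 4:2:0 subsampling
    case PlanarFormat::NV11:      return {4, 1};  // 4:1:1 subsampling
    case PlanarFormat::P208:      return {2, 1};  // 4:2:2 subsampling
    case PlanarFormat::V208:      return {1, 2};  // 4:4:0 subsampling
    case PlanarFormat::V408:      return {1, 1};  // 4:4:4, no constraint
    }
    return {1, 1};
}

// The check the advisory recommends before calling ConvertToSinglePlane:
// reject zero-sized images and any width/height off the format's alignment,
// since an odd height makes the second plane's row count fractional and lets
// the conversion read or write past the buffer it was given.
bool ValidatePlanarDims(PlanarFormat fmt, size_t width, size_t height) {
    if (width == 0 || height == 0) return false;
    const Alignment a = PlanarAlignment(fmt);
    return (width % a.width == 0) && (height % a.height == 0);
}

// Intended call pattern in a DirectXTex client (ConvertToSinglePlane is the
// library's own function and is not invoked in this stand-alone example):
//   if (!ValidatePlanarDims(fmt, img.width, img.height)) return E_INVALIDARG;
//   hr = DirectX::ConvertToSinglePlane(img, result);
```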
Metadata
Created: 2023-01-26T19:52:50Z
Modified: 2023-02-08T22:38:31Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/01/GHSA-3w9w-9833-gcpv/GHSA-3w9w-9833-gcpv.json
CWE IDs: []
Alternative ID: N/A
Finding: F111
Auto approve: 1