Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2023-33864

StreamReader::ReadFromExternal in RenderDoc before 1.27 allows an Integer Overflow with a resultant Buffer Overflow. It uses uint32_t(m_BufferSize-m_InputSize) even though m_InputSize can exceed m_BufferSize.

See the

CVE page on Mitre.org for more details.

References

FULLDISC: 20230607 LPE and RCE i...
MISC: https://renderdoc.org/
MISC: https://www.qualys.com...
MISC: http://packetstormsecu...
MLIST: [debian-lts-announce] ...
GENTOO: GLSA-202311-10

Launchpad.net

CVE 2023-33864

Related bugs

References