CVE-2021-26825

An integer overflow issue exists in Godot Engine up to v3.2 that can be triggered when loading specially crafted.TGA image files. The vulnerability exists in ImageLoaderTGA::loadimage() function at line: const sizet buffersize = (tgaheader.imagewidth * tgaheader.imageheight) * pixelsize; The bug leads to Dynamic stack buffer overflow. Depending on the context of the application, attack vector can be local or remote, and can lead to code execution and/or system crash.

References

Affected packages

Debian:11 / godot

Package

Name: godot
Purl: pkg:deb/debian/godot?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.2.3-stable-1

3.5.1-stable-1

3.5.1-stable-2

3.5.2-stable-1

3.5.2-stable-2

3.6+ds-1

3.6+ds-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / godot

Package

Name: godot
Purl: pkg:deb/debian/godot?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.2.3-stable-1

3.5.1-stable-1

3.5.1-stable-2

3.5.2-stable-1

3.5.2-stable-2

3.6+ds-1

3.6+ds-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / godot

Package

Name: godot
Purl: pkg:deb/debian/godot?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.5.1-stable-1

Affected versions

3.*

3.2.3-stable-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/godotengine/godot

Affected ranges

Type: GIT
Repo: https://github.com/godotengine/godot
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

4e7d75ccd350b98bccea517c034b367f52cf127e

Affected versions

1.*

1.0-stable

1.1-stable

2.*

2.0-stable

3.*

3.0-stable

3.1-stable

3.2-stable