CVE-2023-1999: Double Free

June 20, 2023 (updated September 17, 2023)

There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to trial and the AddressSanitizer will attempt a double free.

References

chromium.googlesource.com/webm/libwebp
nvd.nist.gov/vuln/detail/CVE-2023-1999

Detect and mitigate CVE-2023-1999 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →