Vulnerability Description
An integer overflow issue exists in Godot Engine up to v3.2 that can be triggered when loading specially crafted.TGA image files. The vulnerability exists in ImageLoaderTGA::load_image() function at line: const size_t buffer_size = (tga_header.image_width * tga_header.image_height) * pixel_size; The bug leads to Dynamic stack buffer overflow. Depending on the context of the application, attack vector can be local or remote, and can lead to code execution and/or system crash.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Godotengine | Godot Engine | <= 3.2 |
Related Weaknesses (CWE)
References
- https://github.com/godotengine/godot/pull/45702PatchThird Party Advisory
- https://github.com/godotengine/godot/pull/45702/filesPatchThird Party Advisory
- https://github.com/godotengine/godot/pull/45702PatchThird Party Advisory
- https://github.com/godotengine/godot/pull/45702/filesPatchThird Party Advisory
FAQ
What is CVE-2021-26825?
CVE-2021-26825 is a vulnerability with a CVSS score of 7.8 (HIGH). An integer overflow issue exists in Godot Engine up to v3.2 that can be triggered when loading specially crafted.TGA image files. The vulnerability exists in ImageLoaderTGA::load_image() function at l...
How severe is CVE-2021-26825?
CVE-2021-26825 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-26825?
Check the references section above for vendor advisories and patch information. Affected products include: Godotengine Godot Engine.