AttackFeed by Joe Wagner | liblcf v0.8.1 Integer Overflow in liblcf `ReadInt()` Leads to Out-of-Bounds Reads and Denial of Service  - Full Disclosure

liblcf v0.8.1 Integer Overflow in liblcf `ReadInt()` Leads to Out-of-Bounds Reads and Denial of Service  – Full Disclosure

Posted on By Joe-W
Alert Feeds

 

Posted by Ron E on Aug 18

A crafted RPG Maker save file (`.lsd`) can trigger an integer overflow in
liblcf’s lcfstrings compressed integer decoding logic
(`LcfReader::ReadInt()`), resulting in an unbounded shift and accumulation
loop. The overflowed value is later used in buffer size allocations and
structure parsing, causing large memory access requests and parsing errors.

*Steps to Reproduce*

1. Use the attached `.lsd` file (see PoC section).

2. Run: `./lcfstrings…
 – Read More  – Full Disclosure 

You may also like

Alert Feeds
APPLE-SA-09-15-2025-2 iOS 18.7 and iPadOS 18.7  – Full Disclosure
September 16, 2025
Alert Feeds
Piciorgros TMO-100: Unauthorized configuration change via TFTP (CVE-2025-29617)  – Full Disclosure
August 18, 2025
Alert Feeds
KL-001-2025-015: Xorux LPAR2RRD Read Only User Log Download Exposing Sensitive Information  – Full Disclosure
July 28, 2025
Alert Feeds
Critical Security Report – Remote Code Execution via Persistent Discord WebRTC Automation  – Full Disclosure
September 8, 2025
AttackFeed by Joe Wagner
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.