DEV Community

CVE Reports
CVE Reports

Posted on • Originally published at cvereports.com

GHSA-5R97-79VW-QVM4: GHSA-5r97-79vw-qvm4: Integer Overflow and Memory Corruption in Microsoft DirectXTK12 SpriteFont Parser

#security #cve #cybersecurity #ghsa

GHSA-5r97-79vw-qvm4: Integer Overflow and Memory Corruption in Microsoft DirectXTK12 SpriteFont Parser

Vulnerability ID: GHSA-5R97-79VW-QVM4
CVSS Score: 5.3
Published: 2026-05-18

An integer overflow vulnerability exists in the 32-bit builds of the Microsoft DirectX Tool Kit for DirectX 12 (DirectXTK12). By supplying a crafted .spritefont file, an attacker can trigger out-of-bounds memory operations, potentially leading to memory corruption and remote code execution.

TL;DR

32-bit DirectXTK12 builds suffer from an integer overflow in BinaryReader::ReadArray. Malicious .spritefont files can bypass internal bounds checks, causing memory corruption and out-of-bounds reads.

Technical Details

  • CWE ID: CWE-190: Integer Overflow or Wraparound
  • Attack Vector: Network / Local File (AV:N)
  • CVSS 4.0 Score: 5.3 (Medium)
  • Impact: Memory Corruption, Out-of-bounds Read, Potential RCE
  • Exploit Status: No known public exploits (None)
  • Architectural Scope: Affects 32-bit only (x86/ARM)

Affected Systems

  • Microsoft DirectX Tool Kit for DirectX 12 (DirectXTK12)
  • directxtk12_desktop_win10 NuGet Package
  • directxtk12_uwp NuGet Package
  • 32-bit (x86/ARM) Windows Environments
  • directxtk12_desktop_win10: < 2026.5.8.1 (Fixed in: 2026.5.8.1)
  • directxtk12_uwp: < 2026.5.8.1 (Fixed in: 2026.5.8.1)

Code Analysis

Commit: c037a02

Fix for integer overflow in BinaryReader::ReadArray on 32-bit architectures.

Mitigation Strategies

  • Update NuGet packages directxtk12_desktop_win10 and directxtk12_uwp to the patched versions.
  • Migrate build targets from 32-bit (x86/ARM32) to 64-bit (x64/ARM64) architectures.
  • Restrict .spritefont loading to trusted, internally bundled application assets.

Remediation Steps:

  1. Identify all projects utilizing Microsoft DirectX Tool Kit for DirectX 12.
  2. Update package references in Visual Studio or relevant package managers to version 2026.5.8.1.
  3. Recompile all 32-bit targets and deploy the updated binaries.
  4. Audit asset-loading pathways to verify that no user-supplied .spritefont files are parsed by the application.

References

Read the full report for GHSA-5R97-79VW-QVM4 on our website for more details including interactive diagrams and full exploit analysis.

Top comments (0)