Vulnerabilities > CVE-2020-6612 - Out-of-bounds Read vulnerability in multiple products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
NONE Availability impact
HIGH Summary
GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in copy_compressed_bytes in decode_r2007.c.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 | |
Application | 1 | |
OS | 1 |
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Overread Buffers An adversary attacks a target by providing input that causes an application to read beyond the boundary of a defined buffer. This typically occurs when a value influencing where to start or stop reading is set to reflect positions outside of the valid memory location of the buffer. This type of attack may result in exposure of sensitive information, a system crash, or arbitrary code execution.
Nessus
NASL family | SuSE Local Security Checks |
NASL id | OPENSUSE-2020-96.NASL |
description | This update for libredwg fixes the following issues : libredwg was updated to release 0.10 : API breaking changes : - Added a new int *isnewp argument to all dynapi utf8text getters, if the returned string is freshly malloced or not. - removed the UNKNOWN supertype, there are only UNKNOWN_OBJ and UNKNOWN_ENT left, with common_entity_data. - renamed BLOCK_HEADER.preview_data to preview, preview_data_size to preview_size. - renamed SHAPE.shape_no to style_id. - renamed CLASS.wasazombie to is_zombie. Bugfixes : - Harmonized INDXFB with INDXF, removed extra src/in_dxfb.c. - Fixed encoding of added r2000 AUXHEADER address. - Fixed EED encoding from dwgrewrite. - Add several checks against [CVE-2020-6609, boo#1160520], [CVE-2020-6610, boo#1160522], [CVE-2020-6611, boo#1160523], [CVE-2020-6612, boo#1160524], [CVE-2020-6613, boo#1160525], [CVE-2020-6614, boo#1160526], [CVE-2020-6615, boo#1160527] |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 133200 |
published | 2020-01-23 |
reporter | This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/133200 |
title | openSUSE Security Update : libredwg (openSUSE-2020-96) |
References
- http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00046.html
- http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00046.html
- http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00052.html
- http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00052.html
- https://github.com/LibreDWG/libredwg/issues/179#issuecomment-570447169
- https://github.com/LibreDWG/libredwg/issues/179#issuecomment-570447169