Multiple vulnerabilities in GNU LibreDWG



Published: 2020-01-22
Risk Medium
Patch available YES
Number of vulnerabilities 7
CVE-ID CVE-2020-6615
CVE-2020-6614
CVE-2020-6613
CVE-2020-6612
CVE-2020-6611
CVE-2020-6610
CVE-2020-6609
CWE-ID CWE-476
CWE-125
CWE-401
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
LibreDWG
Universal components / Libraries / Libraries used by multiple products

Vendor GNU

Security Bulletin

This security bulletin contains information about 7 vulnerabilities.

1) NULL pointer dereference

EUVDB-ID: #VU24480

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-6615

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in "dwg_dynapi_entity_value" in dynapi.c. A remote attacker can perform a denial of service attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

LibreDWG: 0.9.3.2564


CPE2.3 External links

http://github.com/LibreDWG/libredwg/issues/179#issuecomment-570447223

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Out-of-bounds read

EUVDB-ID: #VU24479

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-6614

CWE-ID: CWE-125 - Out-of-bounds Read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to heap-based buffer over-read in "bfr_read" in decode.c. A remote attacker can perform a denial of service attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

LibreDWG: 0.9.3.2564


CPE2.3 External links

http://github.com/LibreDWG/libredwg/issues/179#issuecomment-570447068

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Out-of-bounds read

EUVDB-ID: #VU24478

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-6613

CWE-ID: CWE-125 - Out-of-bounds Read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to heap-based buffer over-read in "bit_search_sentinel" in bits.c. A remote attacker can perform a denial of service attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

LibreDWG: 0.9.3.2564


CPE2.3 External links

http://github.com/LibreDWG/libredwg/issues/179#issuecomment-570447025

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Out-of-bounds read

EUVDB-ID: #VU24464

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-6612

CWE-ID: CWE-125 - Out-of-bounds Read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to heap-based buffer over-read in "copy_compressed_bytes" in decode_r2007.c. A remote attacker can perform a denial of service attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

LibreDWG: 0.9.3.2564


CPE2.3 External links

http://github.com/LibreDWG/libredwg/issues/179#issuecomment-570447169

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) NULL pointer dereference

EUVDB-ID: #VU24463

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-6611

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in "get_next_owned_entity" in dwg.c. A remote attacker can perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

LibreDWG: 0.9.3.2564


CPE2.3 External links

http://github.com/LibreDWG/libredwg/issues/179#issuecomment-570447190

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Memory leak

EUVDB-ID: #VU24462

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-6610

CWE-ID: CWE-401 - Improper Release of Memory Before Removing Last Reference ('Memory Leak')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform (DoS) attack on the target system.

The vulnerability exists due to memory leak in "read_sections_map" in decode_r2007.c. A remote attacker can perform denial of service attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

LibreDWG: 0.9.3.2564


CPE2.3 External links

http://github.com/LibreDWG/libredwg/issues/179#issuecomment-570447120

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Out-of-bounds read

EUVDB-ID: #VU24461

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-6609

CWE-ID: CWE-125 - Out-of-bounds Read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to heap-based buffer over-read in "read_pages_map" in decode_r2007.c. A remote attacker can perform a denial of service attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

LibreDWG: 0.9.3.2564


CPE2.3 External links

http://github.com/LibreDWG/libredwg/issues/179#issue-544834443

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###