| Titre | LibreDWG Project LibreDWG <= 0.14, main branch up to commit 6d6a339 (released 2026-04-10) Reachable Assertion (CWE-617) |
|---|
| Description | A reachable assertion vulnerability exists in the LibreDWG library, in versions up to and including 0.14, and the main branch up to commit 6d6a339 (2026-04-10). The vulnerability resides in the decompress_R2004_section function within src/decode.c at line 1293. This flaw is caused by inadequate validation of offset and position values when processing maliciously crafted DWG R2004 compressed section input data. During the decompression process, the internal position pointer pos becomes smaller than the expected comp_offset value, violating the assertion constraint (long)pos >= (long)comp_offset. This issue can be triggered by an attacker providing a specially crafted DWG file to the dwgread utility, leading to an assertion failure and immediate program abort (denial of service). |
|---|
| La source | ⚠️ https://github.com/LibreDWG/libredwg/issues/1242 |
|---|
| Utilisateur | pwn3rd (UID 97480) |
|---|
| Soumission | 27/04/2026 17:27 (il y a 1 mois) |
|---|
| Modérer | 25/05/2026 12:04 (28 days later) |
|---|
| Statut | Accepté |
|---|
| Entrée VulDB | 365483 [GNU LibreDWG jusqu’à 0.14 Dwgread Utility src/decode.c decompress_R2004_section déni de service] |
|---|
| Points | 20 |
|---|