| Field | Value |
|---|---|
| Title | LibreDWG libredwg main branch @0b57303 (latest as of 2026-04-29) Heap-buffer-overflow (Out-of-bounds Heap Read) |
| Description | LibreDWG is an open-source library for reading and writing DWG files. A heap buffer overflow vulnerability has been discovered in its dwgbmp utility.<br>When processing a malformed DWG file, an out-of-bounds heap read operation occurs in the bit_read_RC() function at src/bits.c:281 during the decompression of R2004 compressed sections. This vulnerability can be exploited by a malicious attacker to cause a denial of service (application crash) by crafting a specially designed DWG file.<br>This vulnerability is related to issue #1248. The developer has submitted a fix commit (87c63bf) on May 3, 2026, which addresses this issue by checking section address bounds and clamping data_size. |
| Source | https://github.com/LibreDWG/libredwg/issues/1255 |
| User | pwn3rd (UID 97480) |
| Submission | 05/18/2026 05:23 (23 days ago) |
| Moderation | 06/04/2026 20:07 (18 days later) |
| Status | Duplicate |
| VulDB entry | 365549 [GNU LibreDWG up to 0.14 Dwgbmp Utility src/decode.c read_2004_compressed_section out-of-bounds] |
| Points | 0 |