https://bugzilla.suse.com/show_bug.cgi?id=1225650 Bug ID: 1225650 Summary: VUL-0: CVE-2023-35952: meshlab: stack-based buffer overflow vulnerabilities exist in the readOFF.cpp Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.6 Hardware: Other URL: https://smash.suse.de/issue/407913/ OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: martin.liska@suse.com Reporter: smash_bz@suse.de QA Contact: security-team@suse.de CC: stoyan.manolov@suse.com Target Milestone: --- Found By: Security Response Team Blocker: --- Multiple stack-based buffer overflow vulnerabilities exist in the readOFF.cpp functionality of libigl v2.4.0. A specially-crafted .off file can lead to a buffer overflow. An attacker can arbitrary code execution to trigger these vulnerabilities.This vulnerability exists within the code responsible for parsing comments within the geometric faces section within an OFF file. References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1784 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-35952 https://www.cve.org/CVERecord?id=CVE-2023-35952 https://bugzilla.redhat.com/show_bug.cgi?id=2283911 -- You are receiving this mail because: You are on the CC list for the bug.