[Bug 1225651] New: VUL-0: CVE-2023-35953: meshlab: stack-based buffer overflow vulnerabilities exist in the readOFF.cpp
![](https://seccdn.libravatar.org/avatar/a895f78a81a109471893519443e4d933.jpg?s=120&d=mm&r=g)
https://bugzilla.suse.com/show_bug.cgi?id=1225651 Bug ID: 1225651 Summary: VUL-0: CVE-2023-35953: meshlab: stack-based buffer overflow vulnerabilities exist in the readOFF.cpp Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.6 Hardware: Other URL: https://smash.suse.de/issue/407914/ OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: martin.liska@suse.com Reporter: smash_bz@suse.de QA Contact: security-team@suse.de CC: stoyan.manolov@suse.com Target Milestone: --- Found By: Security Response Team Blocker: --- Multiple stack-based buffer overflow vulnerabilities exist in the readOFF.cpp functionality of libigl v2.4.0. A specially-crafted .off file can lead to a buffer overflow. An attacker can arbitrary code execution to trigger these vulnerabilities.This vulnerability exists within the code responsible for parsing comments within the geometric vertices section within an OFF file. References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1784 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-35953 https://www.cve.org/CVERecord?id=CVE-2023-35953 https://bugzilla.redhat.com/show_bug.cgi?id=2283914 -- You are receiving this mail because: You are on the CC list for the bug.
![](https://seccdn.libravatar.org/avatar/a895f78a81a109471893519443e4d933.jpg?s=120&d=mm&r=g)
https://bugzilla.suse.com/show_bug.cgi?id=1225651
Maintenance Automation
participants (1)
-
bugzilla_noreply@suse.com