Heap-Based Buffer Overflow in libredwg Affects LibreDWG Software
CVE-2021-39525

8.8HIGH

Key Information:

Vendor: Gnu
Status: Libredwg
Vendor: CVE Published:; 20 September 2021

What is CVE-2021-39525?

A buffer overflow vulnerability has been identified in LibreDWG's libredwg library, specifically in the bit_read_fixed() function located within bits.c. This issue allows for a heap-based buffer overflow which can potentially lead to unauthorized data manipulation or compromise of system integrity, affecting versions before v0.10.1.3751. Users of affected versions are encouraged to update to the latest releases as a precautionary measure.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://github.com/LibreDWG/libredwg/issues/261

x_refsource_MISC

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Sep 20, 2021
Vulnerability Reserved
Aug 23, 2021

JSON

Gnu

What is CVE-2021-39525?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.