assimp: Open Asset Import Library Assimp Q3DLoader.cpp InternReadFile heap-based overflow

A flaw was found in the assimp library. Processing a specially crafted input file can trigger a heap-based buffer overflow due to an integer overflow when reading texture data, causing a crash to the application linked to the library and resulting in a denial of service...

CLSA-2025-1764083719 qt5-qt3d: Fix of CVE-2025-11277

CVE-2025-11277: fix heap-based buffer overflow in Q3DImporter::InternReadFile function of Q3DLoader.cpp...

UBUNTU-CVE-2025-11277

A weakness has been identified in Open Asset Import Library Assimp 6.0.2. This affects the function Q3DImporter::InternReadFile of the file assimp/code/AssetLib/Q3D/Q3DLoader.cpp. Executing a manipulation can lead to heap-based buffer overflow. The attack needs to be launched locally. The exploit...

CVE-2025-11274 Open Asset Import Library Assimp Q3DLoader.cpp InternReadFile allocation of resources

A vulnerability was determined in Open Asset Import Library Assimp 6.0.2. Affected is the function Q3DImporter::InternReadFile of the file assimp/code/AssetLib/Q3D/Q3DLoader.cpp. This manipulation causes allocation of resources. The attack is restricted to local execution. The exploit has been...

CVE-2025-11274

CVE-2025-11274 concerns Open Asset Import Library Assimp 6.0.2. The vulnerability affects Q3DImporter::InternReadFile in assimp/code/AssetLib/Q3D/Q3DLoader.cpp, where it reads materials (numMats) from the input without proper validation, leading to resource allocation that can be exploited. The a...