Astra Linux – Vulnerability in CGal

There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted, malformed file can lead to an out-of-bounds read and type confusion, which may result in code execution. An attacker can provide malicious input to trigger a...

Vulnerability of the PM_io parser function: <PMDEC>::read_face() and store_fc() in the Nef_2/PM_io parser component. This is part of the CGAL computational geometry algorithm library, which allows an attacker to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the PMioparser function in the Nef2/PMio parser component, located in the readface and storefc functions, within the CGAL computational geometry library, is related to reading data beyond the permissible buffer limits. Exploiting this vulnerability allows an attacker to gain...

Vulnerability of the PM_io parser function: <PMDEC>::read_face(), set_halfedge() in the Nef_2/PM_io parser component. This is part of the CGAL computational geometry algorithm library, which allows an attacker to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the PMioparser function in the Nef2/PMioparser.h component, located in the computational geometry library, is related to unvalidated array indexing. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause servi...