15 matches found
CVE-2020-13520
CVE-2020-13520 affects Pixar OpenUSD 20.05. The issue is an out-of-bounds memory corruption when reconstructing paths from binary USD files, triggered by a specially crafted malformed file. This can lead to remote code execution if a victim processes the attacker-provided file. Connected sources ...
CVE-2020-13524
CVE-2020-13524 is an out-of-bounds memory corruption vulnerability in Pixar OpenUSD 20.05 that occurs when parsing SPECS data from binary USD files. A specially crafted malformed USD file can trigger an out-of-bounds memory access/modification, leading to memory corruption. Exploitation details a...
CVE-2020-13498
Pixar OpenUSD 20.05 is vulnerable to an out-of-bounds read related to index handling in the USD binary file format. The Talos report details three CVEs (TfToken, String, and SdfPath index reads) where missing bounds checks on internal token/path indices can allow reading beyond the allocated arra...
CVE-2020-13496
CVE-2020-13496 affects Pixar OpenUSD 20.05. The TALOS report documents a TfToken Type Index Out Of Bounds Read in the crate parsing path: the code retrieves a token index without proper bounds checks, leading to an out-of-bounds access to the _tokens array and potential information disclosure or ...
CVE-2020-13497
CVE-2020-13497 affects Pixar OpenUSD 20.05. The vulnerability is a String Type Index out-of-bounds read in USD crate parsing, triggered by a specially crafted malformed file. It can lead to memory access violations and potential information disclosure or memory corruption. The Talos report confir...
CVE-2020-13493
Pixar OpenUSD 20.05 is affected by a set of heap overflow vulnerabilities in the USDC file format when parsing compressed sections. The TALOS report details multiple CVEs (CVE-2020-6147, -6148, -6149, -6150, -6156) where buffers sized from file-provided counts (numFields, numFieldSets, numPaths, ...
CVE-2020-13531
Pixar OpenUSD 20.08 contains a use-after-free in the processing of reference paths in textual USD files, disclosed via multiple sources including TALOS-2020-1145. The vulnerability stems from stale SdfPath references being reused after freeing memory during validation of layer offsets for referen...
CVE-2020-6147
Pixar OpenUSD 20.05 vulnerability CVE-2020-6147 involves heap overflow when parsing USDC binary sections with compression. Four compressed sections (FIELDS, FIELDSETS, PATHS, SPECS) can trigger overflows because allocated buffers depend on file-provided counts while read sizes come from the same ...
CVE-2020-6156
Pixar OpenUSD 20.05 is affected by multiple heap overflow vulnerabilities in the USDC/USD binary file format handling. The issues occur when parsing compressed sections (FIELDS, FIELDSETS, PATHS, SPECS) and path element data, where decompression buffers are sized from file-provided counts and th...
CVE-2020-6149
Pixar OpenUSD 20.05 is affected by heap overflow vulnerabilities in the USD binary file format USDC sections (PATHS, FIELDS, FIELDSETS, SPECS, etc.). The TALOS advisory details multiple CVEs (including CVE-2020-6149) where decompressing specific sections of binary USD files can lead to heap-based...
CVE-2020-13495
Pixar OpenUSD 20.05 is affected. A specially crafted malformed binary USD file can trigger an out-of-bounds memory access in how file offsets are handled, potentially leading to disclosure of sensitive information. Exploitation details appear via PoCs in a referenced advisory; the attack requires...
CVE-2020-6155
Pixar OpenUSD 20.05 binary file format vulnerability: two code paths (compressed integer and floating-point arrays) can trigger a heap-based buffer overflow while decoding the reps array in binary USD files. The overflow arises when a size read from the file and a later, larger size are used to a...
CVE-2020-13494
Pixar OpenUSD 20.05 contains a heap overflow in parsing compressed string tokens in binary USD files. A specially crafted malformed file can trigger a heap-based buffer overflow, leading to out-of-bounds memory access and potential information disclosure. Exploitation requires the victim to open ...
CVE-2020-6148
CVE-2020-6148 maps to Pixar OpenUSD 20.05. The vulnerability is a set of heap overflow flaws in the USD binary file format when processing compressed sections (FIELDS, FIELDSETS, PATHS, SPECS) in USDC/USD files. The root cause is incorrect buffer sizing during decompression reads, where read size...
CVE-2020-6150
Four heap overflow CVEs in Pixar OpenUSD 20.05 related to USDC file format decompression of SPECS, FIELDS, FIELDSETS, and PATHS sections. TALOS-2020-1094 details exact code paths (crateFile.cpp) where unvalidated section sizes and mismatched ReadContiguous/decompression buffers allow heap-based o...