PT-2022-12267 · Unknown+1 · Slic3R Libslic3R+1

Published 2022-03-01 · Updated 2022-03-08 · CVE-2021-44961

CVSS v3.1: 5.5 Medium

Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Slic3r libslic3r version 1.3.0
Slic3r libslic3r Master Commit b1a5500

Description

A memory leakage flaw exists in the class PerimeterGenerator of Slic3r libslic3r, where specially crafted stl files can exhaust available memory. Additionally, an out-of-bounds read vulnerability exists in the GCode::extrude() functionality, which could lead to information disclosure if a specially crafted stl file is provided.

Recommendations

For Slic3r libslic3r version 1.3.0, consider disabling the PerimeterGenerator class until a patch is available to prevent memory exhaustion. For Slic3r libslic3r Master Commit b1a5500, restrict access to the GCode::extrude() functionality to minimize the risk of information disclosure. Avoid using specially crafted stl files with the affected versions of Slic3r libslic3r until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Leak

Weakness Enumeration

Related Identifiers

CVE-2021-44961

Affected Products

Debian
Slic3R Libslic3R