CVE-2023-35951

Name of the Vulnerable Software and Affected Versions libigl version 2.4.0

Description The issue is related to multiple stack-based buffer overflow vulnerabilities in the readOFF.cpp functionality. These vulnerabilities can be triggered by a specially-crafted .off file, leading to a buffer overflow and allowing an attacker to execute arbitrary code. The vulnerabilities exist within the code responsible for parsing geometric vertices of an OFF file.

Recommendations For libigl version 2.4.0, consider disabling the readOFF.cpp functionality until a patch is available to prevent potential exploitation. Restrict access to parsing geometric vertices of OFF files to minimize the risk of arbitrary code execution. Avoid using specially-crafted .off files that can lead to buffer overflows. At the moment, there is no information about a newer version that contains a fix for this vulnerability.