PT-2026-43136 · Gnu · Libredwg

Pwn3Rd

·

Published

2026-04-22

·

Updated

2026-05-28

·

CVE-2026-9504

CVSS v3.1

3.3

Low

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions GNU LibreDWG versions prior to 0.15
Description A weakness in the Dwggrep Utility component allows an out-of-bounds read, which occurs when the system accesses memory outside the intended boundary of a buffer. This issue is located in the bit convert TU() function within the programs/dwggrep.c file. A local attacker can exploit this to cause a denial of service.
Recommendations Apply patch be996bf2178a40e98720f18c2414815d244413db. As a temporary workaround, restrict the use of the bit convert TU() function.

Exploit

Fix

Buffer Overflow

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

BDU:2026-07298
CVE-2026-9504
OPENSUSE-SU-2026:10879-1

Affected Products

Libredwg