PT-2026-43136 · Gnu · Libredwg
Pwn3Rd
·
Published
2026-04-22
·
Updated
2026-05-28
·
CVE-2026-9504
CVSS v3.1
3.3
Low
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
GNU LibreDWG versions prior to 0.15
Description
A weakness in the Dwggrep Utility component allows an out-of-bounds read, which occurs when the system accesses memory outside the intended boundary of a buffer. This issue is located in the
bit convert TU() function within the programs/dwggrep.c file. A local attacker can exploit this to cause a denial of service.Recommendations
Apply patch be996bf2178a40e98720f18c2414815d244413db.
As a temporary workaround, restrict the use of the
bit convert TU() function.Exploit
Fix
Buffer Overflow
Out of bounds Read
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Libredwg