Debian 10: DLA-2650-1 High-Risk: GnuTLS Remote Exploitation Vulnerabilities
debian lts
May 5, 2021
Four security issues have been discovered in cgal
Topics Covered
Summary
CVE-2020-28601
An oob read vulnerability exists in Nef_2/PM_io_parser.h PM_io_parser::read_vertex()
Face_of[] OOB read. An attacker can provide malicious input to trigger this vulnerability.
CVE-2020-28636
An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sloop()
slh->twin() An attacker can provide malicious input to trigger this vulnerability.
CVE-2020-35628
An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sloop()
slh->incident_sface. An attacker can provide malicious input to trigger this vulnerability.
CVE-2020-35636
An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sface()
sfh->volume(). An attacker can provide malicious input to trigger this vulnerability.
For Debian 9 stretch, these problems have been fixed in version
4.9-1+deb9u1.
We recommend that you upgrade your cgal packages.
For the detailed security status of cgal please refer to
its security tracker page at:
PREVIOUS
NEXT
Package: cgal
Version: 4.9-1+deb9u1
CVE ID: CVE-2020-28601 CVE-2020-28636 CVE-2020-35628 CVE-2020-35636
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!