CVE-2025-11277
BaseFortify
Publication date: 2025-10-05
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| assimp | assimp | 6.0.2 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-119 | The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. |
| CWE-122 | A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc(). |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-11277 is a heap-based buffer overflow vulnerability in the Open Asset Import Library (Assimp) version 6.0.2, specifically in the function Q3DImporter::InternReadFile(). The vulnerability occurs when the code multiplies the texture width and height as unsigned 32-bit integers to calculate the total number of pixels. If these dimensions are very large, their product overflows and wraps around to a small value, causing the program to allocate a buffer that is too small. Subsequent writes to this buffer go out-of-bounds, leading to a heap-buffer-overflow. This happens because of missing bounds checking and the use of 32-bit arithmetic instead of 64-bit for size calculations. [1, 3]
How can this vulnerability impact me? :
This vulnerability can lead to heap-based buffer overflow, which may allow a local attacker to overwrite memory beyond the allocated buffer. This can compromise the confidentiality, integrity, and availability of the affected system by causing crashes, data corruption, or potentially enabling code execution. Exploitation requires local access, and a proof-of-concept exploit is publicly available, making it easier for attackers to exploit the flaw. [2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by running fuzzing tools with AddressSanitizer (ASan) and UndefinedBehaviorSanitizer (UBSan) enabled on the Assimp library version 6.0.2, specifically targeting the Q3DImporter::InternReadFile() function. Monitoring crash stack traces for heap-buffer-overflow errors at Q3DLoader.cpp line 317 can indicate exploitation. Example commands include compiling Assimp with clang and sanitizers enabled and running fuzz tests on Q3D files. Specific commands are not provided, but using sanitizers during testing is recommended. [3]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include validating texture dimensions before processing to prevent integer overflow, and using 64-bit arithmetic for multiplication of texture width and height to avoid wraparound. Since no official patch or mitigation is documented, consider replacing the affected Assimp library version 6.0.2 with a safer alternative or a patched version once available. Implementing proper bounds checking in the code is essential to prevent exploitation. [1, 3, 2]