CVE-2026-9500
Heap-based Buffer Overflow in GNU LibreDWG
Publication date: 2026-05-25
Last updated on: 2026-05-26
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| gnu | libredwg | to 0.14 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-119 | The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. |
| CWE-122 | A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc(). |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in GNU LibreDWG up to version 0.14, specifically in the function read_2004_compressed_section within the src/decode.c file of the Dwgread Utility component.
It is a heap-based buffer overflow that can be triggered by manipulating the function's input.
The attack requires local access to the system.
The exploit for this vulnerability has been made public, and the project has been informed but has not yet responded.
How can this vulnerability impact me? :
This vulnerability can lead to a heap-based buffer overflow, which may allow an attacker with local access to cause unexpected behavior such as application crashes or potentially execute arbitrary code.
The impact includes possible compromise of the affected system's integrity, confidentiality, and availability.
However, the CVSS scores indicate a low to medium severity, with the highest base score being 5.3 (CVSS v3.1), reflecting that the attack requires local access and privileges.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by processing specially crafted DWG R2004 files with the LibreDWG dwgread tool and monitoring for crashes or memory corruption.
Using AddressSanitizer or similar memory error detection tools while running dwgread on suspicious DWG files can help identify the heap-based buffer overflow.
A practical detection method is to run a command like: `dwgread <crafted_file.dwg>` where the crafted file is designed to trigger the vulnerability.
Monitoring for segmentation faults (SEGV) or abnormal crashes during this process indicates the presence of the vulnerability.
What immediate steps should I take to mitigate this vulnerability?
Since the vulnerability requires local access and is triggered by processing malicious DWG files, immediate mitigation steps include:
- Avoid opening or processing untrusted or suspicious DWG R2004 files with the LibreDWG dwgread tool.
- Restrict local access to systems running vulnerable versions of LibreDWG to trusted users only.
- Monitor for updates or patches from the LibreDWG project and apply them once available, as the project has not yet responded to the issue.
- Use memory protection and detection tools like AddressSanitizer during testing to identify exploitation attempts.