CVE-2026-9529
Deferred - Pending Action
Null Pointer Dereference in GNU LibreDWG

Publication date: 2026-05-26

Last updated on: 2026-05-26

Assigner: VulDB

Description
A security flaw has been discovered in GNU LibreDWG up to 0.14. The affected element is the function match_BLOCK_HEADER of the file dwggrep.c of the component Dwggrep Utility. Performing a manipulation results in null pointer dereference. The attack requires a local approach. The exploit has been released to the public and may be used for attacks.
Meta Information
Published: 2026-05-26
Last Modified: 2026-05-26
Generated: 2026-06-15
AI Q&A: 2026-05-26
EPSS Evaluated: 2026-06-14
Affected Vendors & Products
Vendor: gnu
Product: libredwg
Version / Range: to 0.14 (inc)
CWE
CWE-476: The product dereferences a pointer that it expects to be valid but is NULL.
CWE-404: The product does not release or incorrectly releases a resource before it is made available for re-use.
Compliance Impact

The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.

Executive Summary

This vulnerability is a NULL pointer dereference in the GNU LibreDWG library, specifically in the match_BLOCK_HEADER function of the dwggrep utility. When processing a malformed DWG file, the function attempts to access memory at a NULL address, causing the program to crash with a segmentation fault.

The issue arises from handling corrupted or intentionally malformed DWG files, leading to a crash due to a NULL pointer read access. This vulnerability requires local access to exploit and has been publicly disclosed.

Impact Analysis

Exploitation of this vulnerability can cause the affected application or utility to crash unexpectedly due to a NULL pointer dereference. This results in a denial of service condition, potentially disrupting normal operations.

Since the attack requires local access, an attacker with limited privileges could cause the application to terminate, which might affect availability but does not directly lead to data compromise.

Detection Guidance

This vulnerability can be detected by observing crashes or segmentation faults in the dwggrep tool of the libredwg library when processing malformed DWG files.

Fuzzing tests with intentionally malformed DWG input files can trigger the NULL pointer dereference, causing a segmentation fault (signal 11).

Using debugging tools such as AddressSanitizer during testing can help identify the crash point in the match_BLOCK_HEADER function of dwggrep.c.

A practical detection approach is to run dwggrep on suspicious or untrusted DWG files and monitor for crashes or segmentation faults.

Example command to test a DWG file for the vulnerability:

    ./dwggrep <malformed_or_untrusted_file.dwg>

If the tool crashes with a segmentation fault, it indicates the presence of the vulnerability.
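
The check described above, scripted as an added example (not code from LibreDWG or from this advisory): it runs a command over every .dwg file in a directory and reports which runs were killed by a signal, where signal 11 is the segmentation fault. DWG_CMD and the function names are assumptions; put the local dwggrep invocation, with any arguments it needs, in DWG_CMD.

```shell
# Added example: classify how a DWG-reading command exits on each input file.
# DWG_CMD is an assumption; it defaults to the invocation shown in the text above.
DWG_CMD="${DWG_CMD:-./dwggrep}"

# classify_exit STATUS -> prints "ok", "error:<n>" or "signal:<n>".
# A shell reports a child killed by signal N as exit status 128+N,
# so a segmentation fault (signal 11) appears as 139.
classify_exit() {
    if [ "$1" -eq 0 ]; then
        echo "ok"
    elif [ "$1" -gt 128 ]; then
        echo "signal:$(($1 - 128))"
    else
        echo "error:$1"
    fi
}

# triage_file FILE -> runs $DWG_CMD on FILE and prints the verdict.
# Core dumps are disabled in the subshell so a crash leaves no core file behind.
triage_file() {
    status=0
    ( ulimit -c 0; $DWG_CMD "$1" >/dev/null 2>&1 ) || status=$?
    classify_exit "$status"
}

# triage_dir DIR -> prints "<verdict><TAB><file>" for every *.dwg in DIR.
# Returns 1 if any run was killed by a signal, 0 otherwise.
triage_dir() {
    rc=0
    for f in "$1"/*.dwg; do
        [ -e "$f" ] || continue          # directory holds no .dwg files
        verdict=$(triage_file "$f")
        printf '%s\t%s\n' "$verdict" "$f"
        case "$verdict" in
            signal:*) rc=1 ;;
        esac
    done
    return "$rc"
}
```

A line starting with signal:11 marks a file that reproduces the crash; error:<n> lines are ordinary failures such as an unreadable file.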

Mitigation Strategies

Immediate mitigation steps include avoiding the use of the vulnerable dwggrep tool on untrusted or malformed DWG files to prevent triggering the NULL pointer dereference.

Apply any available patches or updates to the libredwg library that address this vulnerability once they are released.

If patching is not immediately possible, consider restricting local access to systems running the vulnerable version to trusted users only, as the attack requires local access.
