UBUNTU-CVE-2023-35953

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2023-35953

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2023/UBUNTU-CVE-2023-35953.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2023-35953

Related

CVE-2023-35953

Published

2024-05-28T14:15:00Z

Modified

2025-04-23T15:17:55Z

Severity

7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Multiple stack-based buffer overflow vulnerabilities exist in the readOFF.cpp functionality of libigl v2.4.0. A specially-crafted .off file can lead to a buffer overflow. An attacker can arbitrary code execution to trigger these vulnerabilities.This vulnerability exists within the code responsible for parsing comments within the geometric vertices section within an OFF file.

References

Affected packages

Ubuntu:Pro:18.04:LTS / slic3r-prusa

Package

Name: slic3r-prusa
Purl: pkg:deb/ubuntu/slic3r-prusa@1.39.1+dfsg-3?arch=source&distro=esm-apps/bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.37.0+dfsg-1.1

1.37.0+dfsg-1.1build1

1.38.0+dfsg-1

1.39.0+dfsg-1

1.39.1+dfsg-3

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:20.04:LTS / slic3r-prusa

Package

Name: slic3r-prusa
Purl: pkg:deb/ubuntu/slic3r-prusa@2.1.1+dfsg-2ubuntu1?arch=source&distro=focal

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.39.2+dfsg-1build3

1.39.2+dfsg-1build4

2.*

2.1.1+dfsg-1

2.1.1+dfsg-2

2.1.1+dfsg-2build1

2.1.1+dfsg-2build2

2.1.1+dfsg-2ubuntu1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:22.04:LTS / slic3r-prusa

Package

Name: slic3r-prusa
Purl: pkg:deb/ubuntu/slic3r-prusa@2.4.0+dfsg-2?arch=source&distro=jammy

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.3.1+dfsg-1

2.4.0+dfsg-1

2.4.0+dfsg-2

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:24.10 / slic3r-prusa

Package

Name: slic3r-prusa
Purl: pkg:deb/ubuntu/slic3r-prusa@2.8.0+dfsg-1?arch=source&distro=oracular

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.7.2+dfsg-1build2

2.7.4+dfsg-1

2.7.5~rc1+dfsg-1

2.8.0+dfsg-1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:24.04:LTS / slic3r-prusa

Package

Name: slic3r-prusa
Purl: pkg:deb/ubuntu/slic3r-prusa@2.7.2+dfsg-1build2?arch=source&distro=noble

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.5.2+dfsg-1

2.7.2+dfsg-1build1

2.7.2+dfsg-1build2

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:25.04 / slic3r-prusa

Package

Name: slic3r-prusa
Purl: pkg:deb/ubuntu/slic3r-prusa@2.9.1+dfsg-1?arch=source&distro=plucky

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.8.0+dfsg-1

2.8.1+dfsg2-2

2.9.0+dfsg-1

2.9.1+dfsg-1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}