CVE-2020-28630
Description
Multiple code execution vulnerabilities exist in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An OOB read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sedge() seh->snext().
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
An out-of-bounds read in CGAL's Nef polygon parser allows code execution via specially crafted malformed files in CGAL-5.1.1.
Vulnerability
An out-of-bounds read vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL‑5.1.1, specifically in Nef_S2/SNC_io_parser.h within the SNC_io_parser::read_sedge() function when accessing seh->snext(). The bug is triggered when the parser handles a specially crafted malformed .nef3 file, leading to insufficient bounds checking and type confusion. CGAL‑5.1.1 and potentially earlier versions are affected [1].
Exploitation
No authentication or user interaction beyond opening a malformed file is required. An attacker can deliver a crafted .nef3 file (or other Nef polygon input) to a target application that uses CGAL's parsing routines. When the file is parsed, the vulnerable read_sedge code path is exercised, resulting in an out-of-bounds read offset that can corrupt adjacent memory [1].
Impact
Successful exploitation can lead to arbitrary code execution in the context of the process using libcgal. The confidentiality, integrity, and availability of the system are fully compromised (CVSSv3 10.0) [1].
Mitigation
CGAL has addressed these vulnerabilities in version 5.4.1 and later, according to the Gentoo security advisory [2]. Users should upgrade to >=sci-mathematics/cgal-5.4.1. No known workaround exists for unpatched versions. The vulnerability is not currently listed in CISA's Known Exploited Vulnerabilities catalog.
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- CGAL Project/libcgal v5, Range: CGAL-5.1.1
Patches
No patches discovered yet.
References
- security.gentoo.org/glsa/202305-34 (mitre, vendor-advisory)
- lists.debian.org/debian-lts-announce/2022/12/msg00011.html (mitre, mailing-list)
- talosintelligence.com/vulnerability_reports/TALOS-2020-1225 (mitre)