CVE-2020-35628
Description
A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sloop() slh->incident_sface. An attacker can provide malicious input to trigger this vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
An out-of-bounds read in CGAL's Nef polygon parser allows remote code execution via a crafted .nef3 file.
Vulnerability
An out-of-bounds read vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal version CGAL-5.1.1. The flaw resides in the SNC_io_parser::read_sloop() function within Nef_S2/SNC_io_parser.h, specifically when accessing slh->incident_sface. The parser fails to validate array indices, leading to an out-of-bounds read. This issue is classified as CWE-129 (Improper Validation of Array Index) [1].
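The missing check described above, as an added example that is not CGAL's code or its patch: a parser that resolves a file-supplied index against a table of already-parsed objects and fails closed when the index is out of range. The types `SFace` and `SLoop`, the functions `resolve_index`, `read_sloop_checked` and `parse_sample`, and the one-integer record format are simplified assumptions made for illustration.

```cpp
#include <cstddef>
#include <istream>
#include <sstream>
#include <string>
#include <vector>

// Hypothetical stand-ins for the parser's object tables; these are not CGAL types.
struct SFace { int id; };
struct SLoop { const SFace* incident_sface = nullptr; };

// Resolve an index taken from untrusted input against a table of parsed objects.
// Returns nullptr for a negative index or one at/past the end of the table.
template <typename T>
const T* resolve_index(const std::vector<T>& table, long long index) {
    if (index < 0) return nullptr;
    if (static_cast<unsigned long long>(index) >= table.size()) return nullptr;
    return &table[static_cast<std::size_t>(index)];
}

// Read one simplified sloop record: a single integer naming the incident sface.
// Fails closed on non-numeric, overflowing, or out-of-range input.
bool read_sloop_checked(std::istream& in, const std::vector<SFace>& sfaces, SLoop& out) {
    long long index = 0;
    if (!(in >> index)) return false;            // malformed or overflowing number
    const SFace* sf = resolve_index(sfaces, index);
    if (sf == nullptr) return false;             // reject instead of indexing past the table
    out.incident_sface = sf;
    return true;
}

// Parse a constructed sample record against a table of `table_size` sfaces.
// Returns the resolved sface id, or -1 when the record is rejected.
int parse_sample(const std::string& record, std::size_t table_size) {
    std::vector<SFace> sfaces;
    for (std::size_t i = 0; i < table_size; ++i) sfaces.push_back(SFace{static_cast<int>(i)});
    std::istringstream in(record);
    SLoop loop;
    return read_sloop_checked(in, sfaces, loop) ? loop.incident_sface->id : -1;
}

int main() {
    // Constructed inputs: one valid index and one past the end of a 3-entry table.
    return (parse_sample("2", 3) == 2 && parse_sample("3", 3) == -1) ? 0 : 1;
}
```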
Exploitation
An attacker can exploit this vulnerability by supplying a specially crafted malformed .nef3 file to an application that uses the CGAL library to parse Nef polygons. No authentication or user interaction is required beyond opening the malicious file. The out-of-bounds read can trigger a type confusion, which an attacker can leverage to achieve code execution [1].
Impact
Successful exploitation results in arbitrary code execution with the privileges of the process using the CGAL library. The CVSSv3 score is 10.0 (Critical), indicating a complete compromise of confidentiality, integrity, and availability (C:H/I:H/A:H) with a network attack vector and no privileges required [1].
Mitigation
The vulnerability is fixed in CGAL version 5.4.1 and later. Users should upgrade to this version or newer. No known workaround exists for this issue [4]. The Gentoo security advisory (GLSA 202305-34) recommends upgrading to >=sci-mathematics/cgal-5.4.1 [4].
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products (2)
- CGAL/libcgal (description)
Patches
No patches discovered yet.
References
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E4J344OKKDLPRN422OYRR46HDEN6MM6P/ (mitre, vendor-advisory)
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NB5SF5OJR2DSV7CC6U7FVW5VJSJO5EKV/ (mitre, vendor-advisory)
- security.gentoo.org/glsa/202305-34 (mitre, vendor-advisory)
- lists.debian.org/debian-lts-announce/2021/05/msg00002.html (mitre, mailing-list)
- lists.debian.org/debian-lts-announce/2022/12/msg00011.html (mitre, mailing-list)
- talosintelligence.com/vulnerability_reports/TALOS-2020-1225 (mitre)