Debian Security Advisory

DLA-3226-1 cgal -- LTS security update

Date Reported:
06 Dec 2022
Affected Packages:
cgal
Vulnerable:
Yes
Security database references:
In the Debian bugtracking system: Bug 985671.
In Mitre's CVE dictionary: CVE-2020-28601, CVE-2020-28602, CVE-2020-28603, CVE-2020-28604, CVE-2020-28605, CVE-2020-28606, CVE-2020-28607, CVE-2020-28608, CVE-2020-28609, CVE-2020-28610, CVE-2020-28611, CVE-2020-28612, CVE-2020-28613, CVE-2020-28614, CVE-2020-28615, CVE-2020-28616, CVE-2020-28617, CVE-2020-28618, CVE-2020-28619, CVE-2020-28620, CVE-2020-28621, CVE-2020-28622, CVE-2020-28623, CVE-2020-28624, CVE-2020-28625, CVE-2020-28626, CVE-2020-28627, CVE-2020-28628, CVE-2020-28629, CVE-2020-28630, CVE-2020-28631, CVE-2020-28632, CVE-2020-28633, CVE-2020-28634, CVE-2020-28635, CVE-2020-28636, CVE-2020-35628, CVE-2020-35629, CVE-2020-35630, CVE-2020-35631, CVE-2020-35632, CVE-2020-35633, CVE-2020-35634, CVE-2020-35635, CVE-2020-35636.
More information:

When parsing files containing Nef polygon data, several memory access violations may happen. Many of these allow code execution.

  • CVE-2020-28601

    A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL. An oob read vulnerability exists in Nef_2/PM_io_parser.h PM_io_parser::read_vertex() Face_of[] OOB read. An attacker can provide malicious input to trigger this vulnerability.

  • CVE-2020-28602

    Multiple code execution vulnerabilities exists in the Nef polygon parsing functionality of CGAL. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_2/PM_io_parser.h PM_io_parser<PMDEC>::read_vertex() Halfedge_of[].

  • CVE-2020-28603

    Multiple code execution vulnerabilities exists in the Nef polygon parsing functionality of CGAL. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_2/PM_io_parser.h PM_io_parser<PMDEC>::read_hedge() e->set_prev().

  • CVE-2020-28604

    Multiple code execution vulnerabilities exists in the Nef polygon parsing functionality of CGAL. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_2/PM_io_parser.h PM_io_parser<PMDEC>::read_hedge() e->set_next().

  • CVE-2020-28605

    Multiple code execution vulnerabilities exists in the Nef polygon parsing functionality of CGAL. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read exists in Nef_2/PM_io_parser.h PM_io_parser<PMDEC>::read_hedge() e->set_vertex().

  • CVE-2020-28606

    Multiple code execution vulnerabilities exists in the Nef polygon parsing functionalityof CGAL. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_2/PM_io_parser.h PM_io_parser<PMDEC>::read_hedge() e->set_face().

  • CVE-2020-28607

    Multiple code execution vulnerabilities exists in the Nef polygon parsing functionalityof CGAL. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_2/PM_io_parser.h PM_io_parser<PMDEC>::read_face() set_halfedge().

  • CVE-2020-28608

    Multiple code execution vulnerabilities exists in the Nef polygon parsing functionalityof CGAL. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_2/PM_io_parser.h PM_io_parser<PMDEC>::read_face() store_fc().

  • CVE-2020-28609

    Multiple code execution vulnerabilities exists in the Nef polygon parsing functionalityof CGAL. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_2/PM_io_parser.h PM_io_parser<PMDEC>::read_face() store_iv().

  • CVE-2020-28610

    Multiple code execution vulnerabilities exists in the Nef polygon parsing functionalityof CGAL. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SM_io_parser.h SM_io_parser<Decorator_>::read_vertex() set_face().

  • CVE-2020-28611

    Multiple code execution vulnerabilities exists in the Nef polygon parsing functionalityof CGAL. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SM_io_parser.h SM_io_parser<Decorator_>::read_vertex() set_first_out_edge().

  • CVE-2020-28612

    Multiple code execution vulnerabilities exists in the Nef polygon parsing functionalityof CGAL. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_vertex() vh->svertices_begin().

  • CVE-2020-28613

    Multiple code execution vulnerabilities exists in the Nef polygon parsing functionalityof CGAL. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_vertex() vh->svertices_last().

  • CVE-2020-28614

    Multiple code execution vulnerabilities exists in the Nef polygon parsing functionalityof CGAL. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_vertex() vh->shalfedges_begin().

  • CVE-2020-28615

    Multiple code execution vulnerabilities exists in the Nef polygon parsing functionalityof CGAL. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_vertex() vh->shalfedges_last().

  • CVE-2020-28616

    Multiple code execution vulnerabilities exists in the Nef polygon parsing functionalityof CGAL. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_vertex() vh->sfaces_begin().

  • CVE-2020-28617

    Multiple code execution vulnerabilities exists in the Nef polygon parsing functionalityof CGAL. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_vertex() vh->sfaces_last().

  • CVE-2020-28618

    Multiple code execution vulnerabilities exists in the Nef polygon parsing functionalityof CGAL. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_vertex() vh->shalfloop().

  • CVE-2020-28619

    Multiple code execution vulnerabilities exists in the Nef polygon parsing functionalityof CGAL. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_edge() eh->twin().

  • CVE-2020-28620

    Multiple code execution vulnerabilities exists in the Nef polygon parsing functionalityof CGAL. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_edge() eh->center_vertex():.

  • CVE-2020-28621

    Multiple code execution vulnerabilities exists in the Nef polygon parsing functionalityof CGAL. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_edge() eh->out_sedge().

  • CVE-2020-28622

    Multiple code execution vulnerabilities exists in the Nef polygon parsing functionalityof CGAL. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_edge() eh->incident_sface().

  • CVE-2020-28623

    Multiple code execution vulnerabilities exists in the Nef polygon parsing functionalityof CGAL. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_facet() fh->twin().

  • CVE-2020-28624

    Multiple code execution vulnerabilities exists in the Nef polygon parsing functionalityof CGAL. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_facet() fh->boundary_entry_objects SEdge_of.

  • CVE-2020-28625

    Multiple code execution vulnerabilities exists in the Nef polygon parsing functionalityof CGAL. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_facet() fh->boundary_entry_objects SLoop_of.

  • CVE-2020-28626

    Multiple code execution vulnerabilities exists in the Nef polygon parsing functionalityof CGAL. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_facet() fh->incident_volume().

  • CVE-2020-28627

    Multiple code execution vulnerabilities exists in the Nef polygon parsing functionalityof CGAL. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_volume() ch->shell_entry_objects().

  • CVE-2020-28628

    Multiple code execution vulnerabilities exists in the Nef polygon parsing functionalityof CGAL. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_volume() seh->twin().

  • CVE-2020-28629

    Multiple code execution vulnerabilities exists in the Nef polygon parsing functionalityof CGAL. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sedge() seh->sprev().

  • CVE-2020-28630

    Multiple code execution vulnerabilities exists in the Nef polygon parsing functionalityof CGAL. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sedge() seh->snext().

  • CVE-2020-28631

    Multiple code execution vulnerabilities exists in the Nef polygon parsing functionalityof CGAL. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sedge() seh->source().

  • CVE-2020-28632

    Multiple code execution vulnerabilities exists in the Nef polygon parsing functionalityof CGAL. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sedge() seh->incident_sface().

  • CVE-2020-28633

    Multiple code execution vulnerabilities exists in the Nef polygon parsing functionalityof CGAL. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sedge() seh->prev().

  • CVE-2020-28634

    Multiple code execution vulnerabilities exists in the Nef polygon parsing functionalityof CGAL. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sedge() seh->next().

  • CVE-2020-28635

    Multiple code execution vulnerabilities exists in the Nef polygon parsing functionalityof CGAL. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sedge() seh->facet().

  • CVE-2020-28636

    A code execution vulnerability exists in the Nef polygon-parsing functionalityof CGAL. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sloop() slh->twin() An attacker can provide malicious input to trigger this vulnerability.

  • CVE-2020-35628

    A code execution vulnerability exists in the Nef polygon-parsing functionalityof CGAL. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sloop() slh->incident_sface. An attacker can provide malicious input to trigger this vulnerability.

  • CVE-2020-35629

    Multiple code execution vulnerabilities exists in the Nef polygon parsing functionalityof CGAL. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sloop() slh->facet().

  • CVE-2020-35630

    Multiple code execution vulnerabilities exists in the Nef polygon parsing functionalityof CGAL. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sface() sfh->center_vertex().

  • CVE-2020-35631

    Multiple code execution vulnerabilities exists in the Nef polygon parsing functionalityof CGAL. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sface() SD.link_as_face_cycle().

  • CVE-2020-35632

    Multiple code execution vulnerabilities exists in the Nef polygon parsing functionalityof CGAL. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sface() sfh->boundary_entry_objects Edge_of.

  • CVE-2020-35633

    A code execution vulnerability exists in the Nef polygon-parsing functionalityof CGAL. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sface() store_sm_boundary_item() Edge_of. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger this vulnerability.

  • CVE-2020-35634

    A code execution vulnerability exists in the Nef polygon-parsing functionalityof CGAL. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sface() sfh->boundary_entry_objects Sloop_of. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger this vulnerability.

  • CVE-2020-35635

    A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1 in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sface() store_sm_boundary_item() Sloop_of OOB read. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger this vulnerability.

  • CVE-2020-35636

    A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1 in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sface() sfh->volume() OOB read. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger this vulnerability.

For Debian 10 buster, these problems have been fixed in version 4.13-1+deb10u1.

We recommend that you upgrade your cgal packages.

For the detailed security status of cgal please refer to its security tracker page at: https://security-tracker.debian.org/tracker/cgal

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS