[3dprinter-general] Bug#1074415: slic3r-prusa: CVE-2020-28594 CVE-2020-28595 CVE-2020-28596 CVE-2020-28598
Moritz Mühlenhoff
jmm at inutil.org
Fri Jun 28 12:39:37 BST 2024
Source: slic3r-prusa
X-Debbugs-CC: team at security.debian.org
Severity: important
Tags: security
Hi,
The following vulnerabilities were published for slic3r-prusa.
Although these are quite old, I believe they have never been properly
reported upstream and are unfixed to this day?
CVE-2020-28594[0]:
| A use-after-free vulnerability exists in the
| _3MF_Importer::_handle_end_model() functionality of Prusa Research
| PrusaSlicer 2.2.0 and Master (commit 4b040b856). A specially crafted
| 3MF file can lead to code execution. An attacker can provide a
| malicious file to trigger this vulnerability.
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1218
CVE-2020-28595[1]:
| An out-of-bounds write vulnerability exists in the Obj.cpp
| load_obj() functionality of Prusa Research PrusaSlicer 2.2.0 and
| Master (commit 4b040b856). A specially crafted obj file can lead to
| code execution. An attacker can provide a malicious file to trigger
| this vulnerability.
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1219
CVE-2020-28596[2]:
| A stack-based buffer overflow vulnerability exists in the
| Objparser::objparse() functionality of Prusa Research PrusaSlicer
| 2.2.0 and Master (commit 4b040b856). A specially crafted obj file
| can lead to code execution. An attacker can provide a malicious file
| to trigger this vulnerability.
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1220
CVE-2020-28598[3]:
| An out-of-bounds write vulnerability exists in the Admesh
| stl_fix_normal_directions() functionality of Prusa Research
| PrusaSlicer 2.2.0 and Master (commit 4b040b856). A specially crafted
| AMF file can lead to code execution. An attacker can provide a
| malicious file to trigger this vulnerability.
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1222
If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2020-28594
https://www.cve.org/CVERecord?id=CVE-2020-28594
[1] https://security-tracker.debian.org/tracker/CVE-2020-28595
https://www.cve.org/CVERecord?id=CVE-2020-28595
[2] https://security-tracker.debian.org/tracker/CVE-2020-28596
https://www.cve.org/CVERecord?id=CVE-2020-28596
[3] https://security-tracker.debian.org/tracker/CVE-2020-28598
https://www.cve.org/CVERecord?id=CVE-2020-28598
Please adjust the affected versions in the BTS as needed.
More information about the 3dprinter-general
mailing list