Bug 1200898 (CVE-2022-33025)

Summary: VUL-0: CVE-2022-33025: libredwg: Multiple issues were discovered in LibreDWG v0.12.4.4608
Product: [openSUSE] openSUSE Distribution Reporter: Alexander Bergmann <abergmann>
Component: BasesystemAssignee: Jan Engelhardt <jengelh>
Status: NEW --- QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P3 - Medium CC: abergmann
Version: Leap 15.4   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/335427/
Whiteboard:
Found By: Security Response Team Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Alexander Bergmann 2022-06-24 07:19:46 UTC
SUSE:Factory:Head/libredwg

Multiple issues were discovered in LibreDWG v0.12.4.4608

CVE-2022-33025 - heap-use-after-free via the function decode_preR13_section at decode_r11.c
CVE-2022-33026 - heap buffer overflow via the function bit_calc_CRC at bits.c
CVE-2022-33027 - heap-use-after-free via the function dwg_add_handleref at dwg.c
CVE-2022-33028 - heap buffer overflow via the function dwg_add_object at decode.c
CVE-2022-33032 - heap-buffer-overflow via the function decode_preR13_section_hdr at decode_r11.c
CVE-2022-33033 - double-free via the function dwg_read_file at dwg.c
CVE-2022-33034 - stack overflow via the function copy_bytes at decode_r2007.c

References:
https://nvd.nist.gov/vuln/detail/CVE-2022-33025
https://nvd.nist.gov/vuln/detail/CVE-2022-33026
https://nvd.nist.gov/vuln/detail/CVE-2022-33027
https://nvd.nist.gov/vuln/detail/CVE-2022-33028
https://nvd.nist.gov/vuln/detail/CVE-2022-33032
https://nvd.nist.gov/vuln/detail/CVE-2022-33033
https://nvd.nist.gov/vuln/detail/CVE-2022-33034
Comment 1 Alexander Bergmann 2022-06-24 07:24:24 UTC
I've missed one CVE:

- CVE-2022-33024 - Assertion `!dat->bit' failed. Aborted

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2022-33024