Bug 801367 (CVE-2020-28598)

Summary: <media-gfx/prusaslicer-2.3.1: remote code execution via malicious input (CVE-2020-{28594,28598})
Product: Gentoo Security Reporter: John Helmert III <ajak>
Component: Vulnerabilities Assignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: trivial CC: 3dprint
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1222
Whiteboard: ~2 [noglsa]
Package list:
Runtime testing required: ---

Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2021-07-09 18:34:38 UTC
CVE-2020-28598:

An out-of-bounds write vulnerability exists in the Admesh stl_fix_normal_directions() functionality of Prusa Research PrusaSlicer 2.2.0 and Master (commit 4b040b856). A specially crafted AMF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.


This was evidently not publicly reported (not referenced by CVE or blogpost
and no issues upstream with a few relevant keywords).
Comment 7 NATTkA bot gentoo-dev 2021-07-29 18:09:36 UTC
Package list is empty or all packages have requested keywords.
Comment 8 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2021-08-21 02:23:38 UTC
CVE-2020-28594:

A use-after-free vulnerability exists in the _3MF_Importer::_handle_end_model() functionality of Prusa Research PrusaSlicer 2.2.0 and Master (commit 4b040b856). A specially crafted 3MF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
Comment 9 Matthew Smith gentoo-dev 2022-03-19 16:40:48 UTC
These two vulnerabilities were fixed in PrusaSlicer 2.3.1-rc; the oldest version we still have in tree is 2.4.0.

https://github.com/prusa3d/PrusaSlicer/releases/tag/version_2.3.1-rc
Comment 10 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-03-19 18:21:06 UTC
Thanks! All done.