Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 801367 (CVE-2020-28598) - <media-gfx/prusaslicer-2.3.1: remote code execution via malicious input (CVE-2020-{28594,28598})
Summary: <media-gfx/prusaslicer-2.3.1: remote code execution via malicious input (CVE-...
Status: RESOLVED FIXED
Alias: CVE-2020-28598
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal trivial (vote)
Assignee: Gentoo Security
URL: https://talosintelligence.com/vulnera...
Whiteboard: ~2 [noglsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2021-07-09 18:34 UTC by John Helmert III
Modified: 2022-03-19 18:21 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description John Helmert III gentoo-dev Security 2021-07-09 18:34:38 UTC
CVE-2020-28598:

An out-of-bounds write vulnerability exists in the Admesh stl_fix_normal_directions() functionality of Prusa Research PrusaSlicer 2.2.0 and Master (commit 4b040b856). A specially crafted AMF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.


This was evidently not publicly reported (not referenced by CVE or blogpost
and no issues upstream with a few relevant keywords).
Comment 1 NATTkA bot gentoo-dev 2021-07-29 17:21:09 UTC Comment hidden (obsolete)
Comment 2 NATTkA bot gentoo-dev 2021-07-29 17:29:17 UTC Comment hidden (obsolete)
Comment 3 NATTkA bot gentoo-dev 2021-07-29 17:37:14 UTC Comment hidden (obsolete)
Comment 4 NATTkA bot gentoo-dev 2021-07-29 17:45:17 UTC Comment hidden (obsolete)
Comment 5 NATTkA bot gentoo-dev 2021-07-29 17:53:20 UTC Comment hidden (obsolete)
Comment 6 NATTkA bot gentoo-dev 2021-07-29 18:01:15 UTC Comment hidden (obsolete)
Comment 7 NATTkA bot gentoo-dev 2021-07-29 18:09:36 UTC
Package list is empty or all packages have requested keywords.
Comment 8 John Helmert III gentoo-dev Security 2021-08-21 02:23:38 UTC
CVE-2020-28594:

A use-after-free vulnerability exists in the _3MF_Importer::_handle_end_model() functionality of Prusa Research PrusaSlicer 2.2.0 and Master (commit 4b040b856). A specially crafted 3MF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
Comment 9 Matthew Smith gentoo-dev 2022-03-19 16:40:48 UTC
These two vulnerabilities were fixed in PrusaSlicer 2.3.1-rc, the oldest version we still have in tree is 2.4.0.

https://github.com/prusa3d/PrusaSlicer/releases/tag/version_2.3.1-rc
Comment 10 John Helmert III gentoo-dev Security 2022-03-19 18:21:06 UTC
Thanks! All done.