UbuntuUSN-5957-1LibreCAD vulnerabilities
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
88.1%
Releases
- Ubuntu 20.04 LTS
- Ubuntu 18.04 ESM
- Ubuntu 16.04 ESM
Packages
- librecad - Computer-aided design (CAD) system
Details
Cody Sixteen discovered that LibreCAD incorrectly
handled memory when parsing DXF files. An attacker could
use this issue to cause LibreCAD to crash, leading to a
denial of service. This issue only affected
Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. (CVE-2018-19105)
Lilith of Cisco Talos discovered that LibreCAD incorrectly
handled memory when parsing DWG files. An attacker could
use this issue to cause LibreCAD to crash, leading to a
denial of service, or possibly execute arbitrary code.
(CVE-2021-21898, CVE-2021-21899)
Lilith of Cisco Talos discovered that LibreCAD incorrectly
handled memory when parsing DRW files. An attacker could
use this issue to cause LibreCAD to crash, leading to a
denial of service, or possibly execute arbitrary code.
(CVE-2021-21900)
Albin EldstΓ₯l-Ahrens discovered that LibreCAD incorrectly
handled memory when parsing JWW files. An attacker could
use this issue to cause LibreCAD to crash, leading to a
denial of service, or possibly execute arbitrary code.
(CVE-2021-45341, CVE-2021-45342)
Albin EldstΓ₯l-Ahrens discovered that LibreCAD incorrectly
handled memory when parsing DXF files. An attacker could
use this issue to cause LibreCAD to crash, leading to a
denial of service. (CVE-2021-45343)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 20.04 | noarch | librecad | <Β 2.1.3-1.2+deb10u1build0.20.04.1 | UNKNOWN |
| Ubuntu | 20.04 | noarch | librecad-data | <Β 2.1.3-1.2+deb10u1build0.20.04.1 | UNKNOWN |
| Ubuntu | 20.04 | noarch | librecad-dbgsym | <Β 2.1.3-1.2+deb10u1build0.20.04.1 | UNKNOWN |
| Ubuntu | 18.04 | noarch | librecad | <Β 2.1.2-1ubuntu0.1~esm1 | UNKNOWN |
| Ubuntu | 18.04 | noarch | librecad | <Β 2.1.2-1ubuntu0.1 | UNKNOWN |
| Ubuntu | 18.04 | noarch | librecad-data | <Β 2.1.2-1ubuntu0.1 | UNKNOWN |
| Ubuntu | 18.04 | noarch | librecad-dbgsym | <Β 2.1.2-1ubuntu0.1 | UNKNOWN |
| Ubuntu | 16.04 | noarch | librecad | <Β 2.0.9-2ubuntu0.1~esm1 | UNKNOWN |
| Ubuntu | 16.04 | noarch | librecad | <Β 2.0.9-2 | UNKNOWN |
| Ubuntu | 16.04 | noarch | librecad-data | <Β 2.0.9-2 | UNKNOWN |
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
88.1%