CVE-2021-45343 in Ubuntu

CVE-2021-45343

Priority

Description

In LibreCAD 2.2.0, a NULL pointer dereference in the HATCH handling of
libdxfrw allows an attacker to crash the application using a crafted DXF
document.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45343
https://github.com/LibreCAD/LibreCAD/issues/1468
https://github.com/LibreCAD/LibreCAD/pull/1469

Notes

eslerm

provided PoC still crashes program after applying patch

Package

Source: librecad (LP Ubuntu Debian)

Upstream:	needs-triage
Ubuntu 18.04 LTS:	needed
Ubuntu 20.04 LTS:	needed
Ubuntu 21.10:	needed
Ubuntu 22.04 LTS:	needs-triage

Patches:

More Information

Mitre
NVD
Launchpad
Debian

Updated: 2022-06-10 14:01:45 UTC (commit 22cd97abab61e5eccab4070a258ab5d6a94b972b)