VDB

GCVE-110-MAGEIA-2021-239

GCVE-110-MAGEIA-2021-239
Advisory Published
Vulnetix · Advisory published June 8, 2021
Updated cgal packages fix security vulnerabilities: An oob read vulnerability exists in Nef_2/PM_io_parser.h PM_io_parser::read_vertex() Face_of[] OOB read. An attacker can provide malicious input to trigger this vulnerability (CVE-2020-28601). An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sloop() slh->twin() An attacker can provide malicious input to trigger this vulnerability (CVE-2020-28636). An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sloop() slh->incident_sface. An attacker can provide malicious input to trigger this vulnerability (CVE-2020-35628). An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sface() sfh->volume(). An attacker can provide malicious input to trigger this vulnerability (CVE-2020-35636). The cgal package has been updated to version 5.2.1, fixing the issues and other bugs. The openfoam and openscad packages have been rebuilt against the updated cgal library.

Affected Products

VendorProductVersionsPlatforms
Mageianvidia3900 (affected), 390.147-1.mga8.nonfree (unaffected)
Mageiacgal0 (affected), 5.2.1-1.mga8 (unaffected), 5.2.1-1.mga8 (unaffected), 0 (affected)
Mageiaopenfoam7-17.1.mga8 (unaffected), 0 (affected), 7-17.1.mga8 (unaffected), 0 (affected)
Mageiaopenscad0 (affected), 2021.01-1.1.mga8 (unaffected), 2021.01-1.1.mga8 (unaffected), 0 (affected)

Browse GCVE Records

72,148 records in the GCVE database · Updated July 14, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›