CVE-2020-21833

8.8 HIGH

📋 TL;DR

CVE-2020-21833 is a heap-based buffer overflow vulnerability in GNU LibreDWG's DWG file parser. Attackers can exploit this by crafting malicious DWG files to potentially execute arbitrary code or cause denial of service. This affects any application or service that uses LibreDWG to process DWG files.

💻 Affected Systems

Products:
  • GNU LibreDWG
Versions: 0.10 (and possibly earlier versions with similar code)
Operating Systems: All platforms where LibreDWG runs (Linux, Windows, macOS)
Default Config Vulnerable: ⚠️ Yes
Notes: Any application or service that uses the LibreDWG library to parse DWG files is vulnerable when it processes untrusted input.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Remote code execution with the privileges of the LibreDWG process, potentially leading to full system compromise.

🟠 Likely Case: Application crash (denial of service) when processing malicious DWG files, with potential for limited code execution in some scenarios.

🟢 If Mitigated: Application crash without code execution if memory protections like ASLR are effective.

🌐 Internet-Facing: MEDIUM - Only affects systems that accept and process DWG files from untrusted sources via LibreDWG.
🏢 Internal Only: LOW - Requires user interaction to open malicious DWG files or automated processing of untrusted files.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires the victim to process a malicious DWG file. The GitHub issue contains technical details that could aid exploitation.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Version 0.10.1 or later

Vendor Advisory: https://github.com/LibreDWG/libredwg/issues/188

Restart Required: No

Instructions:

1. Update LibreDWG to version 0.10.1 or later.
2. Recompile any applications using LibreDWG with the updated library.
3. Replace the vulnerable library in deployment environments.

🔧 Temporary Workarounds

Input validation for DWG files (all platforms)

  Implement strict validation of DWG files before processing them with LibreDWG.

Sandbox LibreDWG processing (linux)

  Run LibreDWG in a container or sandbox with limited privileges, for example:

  docker run --read-only --cap-drop=ALL -v /tmp:/tmp:ro your_app

🧯 If You Can't Patch

  • Disable LibreDWG processing of untrusted DWG files from external sources
  • Implement network segmentation to isolate systems using vulnerable LibreDWG versions

🔍 How to Verify

Check if Vulnerable:

Check whether the LibreDWG version is 0.10 or earlier: run `libredwg --version`, or check the version of the linked library.

Check Version:

libredwg --version

Verify Fix Applied:

Verify that the LibreDWG version is 0.10.1 or later. A literal `grep '0.10.1'` would miss later fixed releases such as 0.11, so compare numerically: `v=$(libredwg --version | grep -oE '[0-9]+(\.[0-9]+)+' | head -n1); [ "$(printf '%s\n' 0.10.1 "$v" | sort -V | head -n1)" = 0.10.1 ] && echo 'Patched'`
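The version check above, written out as a portable POSIX sh script; this is an added example, not part of the advisory or of LibreDWG. It assumes the advisory's `libredwg --version` command name, but takes the banner text as an argument so any LibreDWG tool that prints its version (for example `dwgread`) can feed it.

```shell
#!/bin/sh
# Added example, not part of the advisory: compare the installed LibreDWG
# version numerically with the patched release, since a literal grep for
# "0.10.1" misses later fixed releases such as 0.11 or 0.12.5.
PATCHED="0.10.1"

# vfield N VERSION: N-th dotted component as an integer, 0 when absent
vfield() {
  printf '%s\n' "$2" | awk -F. -v n="$1" '{ print $n + 0 }'
}

# version_ge A B: exit 0 when A >= B (three components, "0.11" == "0.11.0")
version_ge() {
  i=1
  while [ "$i" -le 3 ]; do
    x=$(vfield "$i" "$1")
    y=$(vfield "$i" "$2")
    [ "$x" -gt "$y" ] && return 0
    [ "$x" -lt "$y" ] && return 1
    i=$((i + 1))
  done
  return 0
}

# extract_version TEXT: first dotted number in a banner ("LibreDWG 0.12.5" -> 0.12.5)
extract_version() {
  printf '%s\n' "$1" | tr -c '0-9.\n' ' ' | tr -s ' ' '\n' \
    | grep '^[0-9][0-9]*\.[0-9]' | head -n 1
}

# check_libredwg TEXT: exit 0 patched, 1 vulnerable, 2 version not recognised
check_libredwg() {
  v=$(extract_version "$1")
  if [ -z "$v" ]; then
    echo "UNKNOWN: no version string in '$1'"
    return 2
  fi
  if version_ge "$v" "$PATCHED"; then
    echo "Patched ($v >= $PATCHED)"
    return 0
  fi
  echo "VULNERABLE ($v < $PATCHED, CVE-2020-21833)"
  return 1
}

# Live check using the command name given in the advisory (assumed; LibreDWG's
# own tools such as dwgread print a similar banner and can be substituted)
if command -v libredwg >/dev/null 2>&1; then
  check_libredwg "$(libredwg --version 2>&1)"
fi
```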

📡 Detection & Monitoring

Log Indicators:

  • Application crashes when processing DWG files
  • Memory access violation errors in application logs

Network Indicators:

  • Unusual DWG file uploads to web applications
  • Multiple failed parsing attempts

SIEM Query:

source="application.log" AND ("segmentation fault" OR "buffer overflow" OR "access violation") AND "dwg"
