CVE-2020-21836

8.8 HIGH

📋 TL;DR

CVE-2020-21836 is a heap-based buffer overflow vulnerability in GNU LibreDWG's DWG file parser. Attackers can exploit this by crafting malicious DWG files to potentially execute arbitrary code or cause denial of service. Users and applications that process DWG files with vulnerable LibreDWG versions are affected.

💻 Affected Systems

Products:
  • GNU LibreDWG
Versions: up to and including 0.10
Operating Systems: Linux, Windows, macOS, Unix-like systems
Default Config Vulnerable: ⚠️ Yes
Notes: Any application that uses the LibreDWG library to parse DWG files is affected.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case: Remote code execution with the privileges of the LibreDWG process, potentially leading to full system compromise.

🟠 Likely Case: Application crash (denial of service) when processing malicious DWG files.

🟢 If Mitigated: Limited to denial of service if memory protections (ASLR, DEP) are effective.

🌐 Internet-Facing: MEDIUM - Requires file upload/processing capability; not directly network-exploitable.
🏢 Internal Only: MEDIUM - Malicious DWG files could be introduced via email, downloads, or shared drives.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires a user or application to open a malicious DWG file; a proof of concept exists in the GitHub issue linked below.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Version 0.11 and later

Vendor Advisory: https://github.com/LibreDWG/libredwg/issues/188

Restart Required: No

Instructions:

1. Update LibreDWG to version 0.11 or later.
2. Recompile any applications using LibreDWG.
3. Replace old library files with patched versions.

🔧 Temporary Workarounds

Disable DWG file processing

Platform: all

Prevent LibreDWG from processing DWG files by disabling or removing the functionality.

# Configure applications to reject DWG files
# Remove LibreDWG library if not essential

Sandbox LibreDWG usage

Platform: linux

Run LibreDWG in a restricted environment (container, sandbox) to limit the impact of a successful exploit.

docker run --read-only -v /safe/input:/input libredwg-app
# Use AppArmor/SELinux policies

🧯 If You Can't Patch

  • Implement strict file upload validation to block DWG files from untrusted sources.
  • Use network segmentation to isolate systems running vulnerable LibreDWG versions.

🔍 How to Verify

Check if Vulnerable:

Check the installed LibreDWG version with 'dwgread --version' or 'strings /path/to/libredwg.so | grep version'. Any version up to and including 0.10 is vulnerable.

Check Version:

dwgread --version

Verify Fix Applied:

Confirm version is 0.11 or later and test with known malicious DWG file (use caution).
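The version check above, as an added example (not part of the original advisory): it parses the 'dwgread --version' banner and compares the version numerically against 0.11, so that 0.9 and 0.10 are both correctly reported as vulnerable (a plain string comparison would rank "0.9" above "0.10"). The banner format is an assumption; only the dotted version number is relied on.

```python
import re
import shutil
import subprocess

# Constructed sample banner standing in for what `dwgread --version` prints on a
# host still running the vulnerable 0.10 release (assumed format; the real banner
# may differ, so parsing relies only on the dotted version number).
SAMPLE_VERSION_OUTPUT = "dwgread 0.10\nCopyright (C) 2009-2020 Free Software Foundation, Inc.\n"

FIXED_VERSION = (0, 11)  # first release the advisory lists as fixed

def parse_version(banner):
    """Return the first dotted version number in `banner` as a tuple of ints, or None."""
    match = re.search(r"(\d+)\.(\d+)(?:\.(\d+))?", banner)
    if not match:
        return None
    return tuple(int(part) for part in match.groups() if part is not None)

def is_vulnerable(version):
    """True when the parsed version tuple is below the fixed release (numeric compare)."""
    return version < FIXED_VERSION

def check_installed(banner=None):
    """Run `dwgread --version` (or inspect a supplied banner) and report the result."""
    if banner is None:
        if shutil.which("dwgread") is None:
            return {"installed": False, "version": None, "vulnerable": None}
        result = subprocess.run(["dwgread", "--version"], capture_output=True, text=True)
        banner = result.stdout + result.stderr
    version = parse_version(banner)
    if version is None:
        # Binary present but banner unparseable: do not guess, flag for manual review.
        return {"installed": True, "version": None, "vulnerable": None}
    return {"installed": True, "version": version, "vulnerable": is_vulnerable(version)}

if __name__ == "__main__":
    print(check_installed(SAMPLE_VERSION_OUTPUT))  # constructed sample: vulnerable
    print(check_installed())                       # the host's real dwgread, if any
```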

📡 Detection & Monitoring

Log Indicators:

  • Application crashes (segmentation faults) when processing DWG files
  • Unexpected memory access errors in system logs

Network Indicators:

  • Unusual outbound connections after DWG file processing
  • File uploads of DWG files to vulnerable systems

SIEM Query:

source="application.log" AND ("segmentation fault" OR "buffer overflow") AND process="libredwg"
