CVE-2023-35949

7.8 HIGH

📋 TL;DR

CVE-2023-35949 is a stack-based buffer overflow vulnerability in libigl's OFF file parser that allows arbitrary code execution when processing malicious .off files. This affects applications using libigl v2.4.0 for 3D geometry processing. Attackers can exploit this by tricking users or automated systems into opening specially crafted OFF files.

💻 Affected Systems

Products:
  • libigl
Versions: v2.4.0
Operating Systems: All platforms where libigl is used
Default Config Vulnerable: ⚠️ Yes
Notes: Any application using libigl's readOFF.cpp functionality to parse OFF files is vulnerable. This includes 3D modeling software, CAD tools, and scientific visualization applications.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Full system compromise with the attacker gaining the same privileges as the vulnerable application, potentially leading to data theft, ransomware deployment, or persistent backdoor installation.

🟠 Likely Case

Application crash leading to denial of service, or limited code execution within the application's context allowing data exfiltration or further system exploitation.

🟢 If Mitigated

Application crash without code execution if memory protections (ASLR, DEP) are effective, or safe failure if input validation blocks malicious files.

🌐 Internet-Facing: MEDIUM - Risk exists if applications accept OFF files from untrusted sources via web interfaces or APIs, but requires specific file format exploitation.
🏢 Internal Only: LOW - Typically requires user interaction to open malicious files, though automated processing systems could be vulnerable.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires delivering a malicious OFF file to the vulnerable application. The Talos Intelligence report includes technical details that could facilitate exploit development.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: v2.5.0 or later

Vendor Advisory: https://github.com/libigl/libigl/releases

Restart Required: Yes

Instructions:

1. Update libigl to version 2.5.0 or later.
2. Recompile any applications using libigl.
3. Restart affected applications and services.

🔧 Temporary Workarounds

Input validation for OFF files (all platforms)

Implement strict validation of OFF file headers and geometry data before passing them to the libigl parser.

Sandbox parsing process (all platforms)

Run OFF file parsing in an isolated container or sandbox with limited privileges.
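The following is an added example, not code from libigl or from this advisory: a standalone C++ pre-validator that enforces the structural checks described above (header, bounded counts, well-formed vertex lines, face degrees and indices in range, a maximum line length) before the file is handed to libigl. The numeric limits and the decision to accept only the plain `OFF` header are assumptions of this example; adjust them to what your application actually needs.

```cpp
#include <cstddef>
#include <cstdio>
#include <istream>
#include <sstream>
#include <string>

// Hypothetical limits for this example (not libigl's own); tune per application.
static const std::size_t kMaxLineLen    = 4096;      // reject lines longer than this
static const long long   kMaxVertices   = 10000000;  // upper bound on vertex count
static const long long   kMaxFaces      = 10000000;  // upper bound on face count
static const long long   kMaxFaceDegree = 64;        // max vertices per polygon

struct OffCheck {
    bool ok;
    std::string reason;   // empty when ok
    long long vertices;
    long long faces;
};

static OffCheck reject(const std::string& why) { return {false, why, 0, 0}; }

// Next non-empty, non-comment line (CRLF tolerant). Returns false at EOF.
static bool nextLine(std::istream& in, std::string& line) {
    while (std::getline(in, line)) {
        if (!line.empty() && line.back() == '\r') line.pop_back();
        std::size_t i = line.find_first_not_of(" \t");
        if (i == std::string::npos || line[i] == '#') continue;
        return true;
    }
    return false;
}

// Validate an OFF document held in memory. Accepts only the plain "OFF"
// header (an assumption of this example; add the variants you need).
OffCheck validateOff(const std::string& data) {
    std::istringstream in(data);
    std::string line;

    if (!nextLine(in, line)) return reject("empty file");
    if (line.size() > kMaxLineLen) return reject("header line too long");
    std::istringstream hs(line);
    std::string magic;
    hs >> magic;
    if (magic != "OFF") return reject("missing OFF header");

    // Counts may follow the magic on the same line or sit on the next line.
    long long nv = -1, nf = -1, ne = 0;
    if (!(hs >> nv >> nf)) {
        if (!nextLine(in, line)) return reject("missing count line");
        if (line.size() > kMaxLineLen) return reject("count line too long");
        std::istringstream cs(line);
        if (!(cs >> nv >> nf)) return reject("malformed count line");
        cs >> ne;  // optional edge count, ignored
    } else {
        hs >> ne;
    }
    if (nv < 0 || nv > kMaxVertices) return reject("vertex count out of bounds");
    if (nf < 0 || nf > kMaxFaces)    return reject("face count out of bounds");

    // Every vertex line must carry at least three parseable numbers.
    for (long long i = 0; i < nv; ++i) {
        if (!nextLine(in, line)) return reject("truncated vertex list");
        if (line.size() > kMaxLineLen) return reject("vertex line too long");
        std::istringstream vs(line);
        double x, y, z;
        if (!(vs >> x >> y >> z)) return reject("malformed vertex line");
    }

    // Every face line: a degree, then that many indices, each in [0, nv).
    for (long long i = 0; i < nf; ++i) {
        if (!nextLine(in, line)) return reject("truncated face list");
        if (line.size() > kMaxLineLen) return reject("face line too long");
        std::istringstream fs(line);
        long long degree;
        if (!(fs >> degree)) return reject("malformed face line");
        if (degree < 1 || degree > kMaxFaceDegree) return reject("face degree out of bounds");
        for (long long k = 0; k < degree; ++k) {
            long long idx;
            if (!(fs >> idx)) return reject("face has fewer indices than its degree");
            if (idx < 0 || idx >= nv) return reject("face index out of range");
        }
    }
    return {true, "", nv, nf};
}

int main() {
    // Constructed sample: one quad over four vertices, plus a bad face index.
    const std::string good = "OFF\n4 1 0\n0 0 0\n1 0 0\n1 1 0\n0 1 0\n4 0 1 2 3\n";
    const std::string bad  = "OFF\n3 1 0\n0 0 0\n1 0 0\n0 1 0\n3 0 1 7\n";
    OffCheck g = validateOff(good), b = validateOff(bad);
    std::printf("good: ok=%d vertices=%lld faces=%lld\n", g.ok, g.vertices, g.faces);
    std::printf("bad:  ok=%d reason=%s\n", b.ok, b.reason.c_str());
    return g.ok && !b.ok ? 0 : 1;
}
```

The validator rejects rather than repairs: a file that fails any check is never passed to libigl. Because it reads the whole document into memory and walks it once, it can run inside the sandboxed parsing process described above, so that even the pre-check itself is isolated from the rest of the application.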

🧯 If You Can't Patch

  • Disable OFF file processing in affected applications if possible
  • Implement network segmentation to isolate systems using vulnerable libigl versions

🔍 How to Verify

Check if Vulnerable:

Check whether the application uses libigl v2.4.0 and includes the readOFF.cpp functionality. Review the source code or dependency manifests for the libigl version.

Check Version:

Check the build configuration or dependency files for the libigl version. For compiled applications, use the strings command or dependency analysis tools.

Verify Fix Applied:

Verify that the libigl version is 2.5.0 or later. Test with known-safe OFF files to confirm that functionality is intact.

📡 Detection & Monitoring

Log Indicators:

  • Application crashes when processing OFF files
  • Memory access violation errors in application logs
  • Unexpected process termination during file parsing

Network Indicators:

  • Unusual OFF file downloads from untrusted sources
  • Large or malformed OFF files being transferred

SIEM Query:

source="application_logs" AND ("segmentation fault" OR "access violation" OR "buffer overflow") AND (process="*libigl*" OR file_extension=".off")

🔗 References
