CVE-2023-35951

7.8 HIGH

📋 TL;DR

This vulnerability allows remote code execution through specially crafted .off files in libigl v2.4.0. Attackers can exploit stack-based buffer overflows in the readOFF.cpp parser to execute arbitrary code. Anyone using libigl to process untrusted .off files is affected.

💻 Affected Systems

Products:
  • libigl
Versions: Version 2.4.0 specifically (and possibly earlier versions with similar code)
Operating Systems: All platforms where libigl is used (Linux, Windows, macOS)
Default Config Vulnerable: ⚠️ Yes
Notes: Any application using libigl's OFF file parsing functionality is vulnerable when processing malicious .off files.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Full system compromise with attacker gaining the same privileges as the application processing the .off file, potentially leading to data theft, ransomware deployment, or lateral movement.

🟠 Likely Case

Application crash (denial of service) or limited code execution within the application's context, potentially leading to data leakage or further exploitation.

🟢 If Mitigated

Application crash with no code execution if memory protections (ASLR, DEP) are effective, but denial of service still occurs.

🌐 Internet-Facing: MEDIUM - Risk depends on whether the application processes .off files from untrusted sources over the internet. Web services accepting .off uploads are at higher risk.
🏢 Internal Only: LOW - Risk is lower if .off files only come from trusted internal sources, but still present if any untrusted files are processed.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires crafting a malicious .off file, but no authentication is needed if the application processes such files. Public PoC exists in Talos advisory.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2.5.0 or later

Vendor Advisory: https://github.com/libigl/libigl/releases

Restart Required: Yes

Instructions:

1. Update libigl to version 2.5.0 or later.
2. Recompile any applications using libigl.
3. Restart affected services.

🔧 Temporary Workarounds

Input validation for .off files (all platforms)

Implement strict validation of .off file contents before passing them to the libigl parser.

Disable .off file processing (all platforms)

If not needed, disable or remove functionality that processes .off files.
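The first workaround above asks for .off contents to be validated before they reach libigl. The following is an added example, not libigl's own code or anything from the advisory: a conservative Python pre-filter that accepts only a well-formed subset of the OFF format (header on its own line, bounded line lengths and element counts, numeric vertex fields, face indices inside the declared vertex range) and rejects everything else with a reason. The limits MAX_LINE_LEN, MAX_ELEMENTS and MAX_FACE_SIZE and the SAMPLE_OFF mesh are constructed assumptions.

```python
import re

MAX_LINE_LEN = 256       # constructed cap: far above any legitimate OFF line
MAX_ELEMENTS = 5_000_000 # constructed cap on declared vertex/face counts
MAX_FACE_SIZE = 64       # constructed cap on vertices per face
_HEADER_RE = re.compile(r"^(ST)?C?N?4?n?OFF$")  # OFF and its common variants
_NUMBER_RE = re.compile(r"^[-+]?(\d+\.?\d*|\.\d+)([eE][-+]?\d+)?$")
SAMPLE_OFF = b"OFF\n# one triangle\n3 1 0\n0 0 0\n1 0 0\n0 1 0\n3 0 1 2\n"  # constructed

def _meaningful_lines(text):
    """Yield (lineno, tokens) for every non-blank, non-comment line."""
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if line:
            yield lineno, line.split()

def validate_off(data: bytes):
    """Return (True, None) for a conservative, well-formed OFF file, else (False, reason)."""
    if not data.isascii():
        return False, "non-ASCII bytes"
    text = data.decode("ascii")
    if any(len(line) > MAX_LINE_LEN for line in text.splitlines()):
        return False, f"line longer than {MAX_LINE_LEN} bytes"
    it = _meaningful_lines(text)
    try:
        lineno, toks = next(it)
        if len(toks) != 1 or not _HEADER_RE.match(toks[0]):
            return False, f"line {lineno}: bad header"
        lineno, toks = next(it)
        if len(toks) != 3 or not all(t.isdigit() for t in toks):
            return False, f"line {lineno}: bad element counts"
        nv, nf = int(toks[0]), int(toks[1])
        if nv > MAX_ELEMENTS or nf > MAX_ELEMENTS:
            return False, f"line {lineno}: element count too large"
        for _ in range(nv):  # each vertex: at least three numeric fields
            lineno, toks = next(it)
            if len(toks) < 3 or not all(_NUMBER_RE.match(t) for t in toks):
                return False, f"line {lineno}: bad vertex"
        for _ in range(nf):  # each face: k, then k indices into the vertex list
            lineno, toks = next(it)
            k = int(toks[0]) if toks[0].isdigit() else 0
            idx = toks[1:1 + k]
            if not 1 <= k <= MAX_FACE_SIZE or len(idx) != k:
                return False, f"line {lineno}: bad face size"
            if not all(i.isdigit() and int(i) < nv for i in idx):
                return False, f"line {lineno}: vertex index out of range"
    except StopIteration:
        return False, "truncated file"
    if next(it, None) is not None:
        return False, "unexpected content after last face"
    return True, None
```

Treat any (False, reason) as a hard reject and never pass the file on to the parser. The subset is deliberately tighter than the OFF format allows, so adjust the caps to the meshes your application legitimately handles.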

🧯 If You Can't Patch

  • Implement strict file type validation and only accept .off files from trusted sources
  • Run the application with minimal privileges and in a sandboxed environment

🔍 How to Verify

Check if Vulnerable:

Check if your application uses libigl version 2.4.0 and processes .off files

Check Version:

Check build configuration or dependency files for libigl version

Verify Fix Applied:

Verify libigl version is 2.5.0 or later and test with known safe .off files

📡 Detection & Monitoring

Log Indicators:

  • Application crashes when processing .off files
  • Unexpected memory access errors in logs

Network Indicators:

  • Unusual .off file uploads to web services
  • Large or malformed .off file transfers

SIEM Query:

source="application.log" AND ("segmentation fault" OR "buffer overflow" OR "OFF file")
