CVE-2023-35953

7.8 HIGH

📋 TL;DR

This vulnerability allows arbitrary code execution via stack-based buffer overflow when libigl parses malicious .off files. Attackers can exploit specially crafted files to execute code on affected systems. Users of applications that incorporate libigl for 3D geometry processing are affected.

💻 Affected Systems

Products:
  • libigl
Versions: v2.4.0 and potentially earlier versions
Operating Systems: All platforms where libigl is used
Default Config Vulnerable: ⚠️ Yes
Notes: Any application using libigl's OFF file parsing functionality is vulnerable when processing untrusted .off files.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Full system compromise with attacker gaining complete control over the affected system, enabling data theft, lateral movement, and persistent access.

🟠 Likely Case

Application crash leading to denial of service, with potential for remote code execution if an attacker can deliver malicious .off files.

🟢 If Mitigated

Application crash without code execution if memory protections like ASLR/DEP are effective, but availability impact remains.

🌐 Internet-Facing: MEDIUM - Risk exists if applications process user-uploaded .off files from internet sources, but requires file upload capability.
🏢 Internal Only: LOW - Primarily affects specialized 3D processing applications; limited attack surface in typical enterprise environments.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires delivering a malicious .off file to the vulnerable application; no authentication needed for file parsing.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: v2.5.0 or later

Vendor Advisory: https://github.com/libigl/libigl/releases

Restart Required: Yes

Instructions:

1. Update libigl to version 2.5.0 or later.
2. Recompile any applications using libigl.
3. Restart affected applications/services.

🔧 Temporary Workarounds

Input Validation (all platforms)

Implement strict validation of .off files before processing with libigl
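
One way to implement the Input Validation workaround, as an added example (not libigl code and not from the advisory): a structural pre-check to run on an untrusted .off file before it is handed to libigl. The function name check_off and the limits kMaxLineLen, kMaxElements and kMaxFaceArity are assumptions chosen for illustration.

```cpp
#include <istream>
#include <sstream>
#include <string>

// Limits are assumptions chosen for this example, not values taken from libigl.
constexpr std::size_t kMaxLineLen = 512;
constexpr long long kMaxElements = 10000000;
constexpr long long kMaxFaceArity = 64;

// Fetches the next non-blank, non-comment line; flags lines over the length cap.
static bool next_line(std::istream& in, std::string& line, bool& too_long) {
    while (std::getline(in, line)) {
        if (line.size() > kMaxLineLen) { too_long = true; return false; }
        std::size_t p = line.find_first_not_of(" \t\r");
        if (p == std::string::npos || line[p] == '#') continue;
        line = line.substr(0, line.find('#'));  // drop a trailing comment
        return true;
    }
    return false;
}

// Returns an empty string if the file is structurally sane, else the reason.
std::string check_off(std::istream& in) {
    std::string line; bool too_long = false;
    if (!next_line(in, line, too_long)) return too_long ? "line too long" : "empty file";
    std::istringstream hdr(line); std::string magic;
    hdr >> magic;
    if (magic != "OFF" && magic != "NOFF" && magic != "COFF") return "bad header";
    long long nv = -1, nf = -1, ne = -1;
    if (!(hdr >> nv >> nf >> ne)) {  // counts usually sit on the following line
        if (!next_line(in, line, too_long)) return too_long ? "line too long" : "missing counts";
        std::istringstream cnt(line);
        if (!(cnt >> nv >> nf >> ne)) return "bad counts";
    }
    if (nv < 0 || nf < 0 || nv > kMaxElements || nf > kMaxElements) return "counts out of range";
    for (long long i = 0; i < nv; ++i) {
        if (!next_line(in, line, too_long)) return too_long ? "line too long" : "truncated vertices";
        std::istringstream v(line); double x, y, z;
        if (!(v >> x >> y >> z)) return "bad vertex";
    }
    for (long long i = 0; i < nf; ++i) {
        if (!next_line(in, line, too_long)) return too_long ? "line too long" : "truncated faces";
        std::istringstream f(line); long long k, idx;
        if (!(f >> k) || k < 3 || k > kMaxFaceArity) return "bad face arity";
        for (long long j = 0; j < k; ++j)
            if (!(f >> idx) || idx < 0 || idx >= nv) return "bad face index";
    }
    return "";
}
```

Cap the file size before calling it, since std::getline buffers a whole line before the length check runs.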

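Memory Protection (Linux)

Enable ASLR, DEP, and stack canaries in compiled applications. -fstack-protector-all adds the canaries; _FORTIFY_SOURCE only takes effect when optimization is enabled, so it is paired with -O2; -fPIE -pie builds a position-independent executable so ASLR covers the main binary; -Wl,-z,noexecstack marks the stack non-executable.

gcc -O2 -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wl,-z,noexecstack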

🧯 If You Can't Patch

  • Isolate applications using libigl in restricted network segments
  • Implement application allowlisting to prevent execution of unauthorized code

🔍 How to Verify

Check if Vulnerable:

Check if application uses libigl version 2.4.0 or earlier and processes .off files

Check Version:

Check library version in source code or build configuration

Verify Fix Applied:

Verify libigl version is 2.5.0 or later and applications have been recompiled

📡 Detection & Monitoring

Log Indicators:

  • Application crashes when processing .off files
  • Memory access violation errors

Network Indicators:

  • Unusual .off file uploads to affected applications

SIEM Query:

source="application_logs" AND ("segmentation fault" OR "access violation") AND "*.off"
