GNU LibreDWG Assertion Failure Vulnerability in Dwgread Utility

Vulnerability

An assertion failure vulnerability has been identified in GNU LibreDWG versions through 0.14, specifically in the 'decompress_R2004_section' function in 'src/decode.c', which is reached through the 'dwgread' utility. The flaw arises from inadequate validation of offset and position values when processing maliciously crafted DWG R2004 compressed section data. As a result, the internal decompression position pointer can become smaller than the expected offset, and the assertion guarding that condition fails, crashing the program. Exploiting the vulnerability requires local execution.
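To show the kind of input validation that prevents this class of assertion failure, here is a constructed example that is not LibreDWG code and does not model the R2004 section format: a toy LZ-style decoder in which every back-reference offset is checked against the current output position and rejected with an error code rather than left to an assert. The token layout, function names and sample streams are all assumptions made for the illustration.

```c
#include <stdint.h>
#include <string.h>
/* Constructed illustration of the bug class only (not LibreDWG code, not the
 * R2004 format): offsets are validated and reported instead of asserted on. */
enum status { ST_OK = 0, ST_BAD_OFFSET = -1, ST_OVERFLOW = -2 };
/* Copy `length` bytes from `offset` bytes behind write position `*pos` into `out`. */
static int copy_back(uint8_t *out, size_t out_len, size_t *pos,
                     size_t offset, size_t length)
{
    if (offset == 0 || offset > *pos)     /* the unchecked case: pos < offset */
        return ST_BAD_OFFSET;
    if (length > out_len - *pos)          /* would write past the buffer end */
        return ST_OVERFLOW;
    for (size_t i = 0; i < length; i++) { /* byte-wise so overlapping runs work */
        out[*pos] = out[*pos - offset];
        (*pos)++;
    }
    return ST_OK;
}
/* Toy token: kind 0 = literal `value`; kind 1 = back-reference (offset, length). */
struct token { int kind; uint8_t value; size_t offset; size_t length; };
/* Decode tokens into `out`; returns ST_OK or the first error; bytes written in *produced. */
int decode_tokens(const struct token *toks, size_t ntoks,
                  uint8_t *out, size_t out_len, size_t *produced)
{
    size_t pos = 0;
    int rc = ST_OK;
    for (size_t i = 0; i < ntoks && rc == ST_OK; i++) {
        if (toks[i].kind != 0)
            rc = copy_back(out, out_len, &pos, toks[i].offset, toks[i].length);
        else if (pos < out_len)
            out[pos++] = toks[i].value;
        else
            rc = ST_OVERFLOW;
    }
    *produced = pos;
    return rc;
}
/* Self-check on constructed streams: 1 if the valid one yields "abcabcabc" and the
 * malformed one (offset 5 with only 2 bytes written) is rejected without aborting. */
int self_check(void)
{
    uint8_t out[16]; size_t n = 0;
    const struct token good[] = { {0,'a',0,0}, {0,'b',0,0}, {0,'c',0,0}, {1,0,3,6} };
    const struct token bad[]  = { {0,'a',0,0}, {0,'b',0,0}, {1,0,5,2} };
    if (decode_tokens(good, 4, out, sizeof out, &n) != ST_OK || n != 9) return 0;
    if (memcmp(out, "abcabcabc", 9) != 0) return 0;
    return decode_tokens(bad, 3, out, sizeof out, &n) == ST_BAD_OFFSET && n == 2;
}
```

The same pattern applies to any decompressor: a back-reference that reaches before the start of the output, or a copy that runs past its end, is a malformed-input error to report to the caller, not an invariant to assert.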

Impact

Exploitation of this vulnerability causes an assertion failure that aborts the process and generates a core dump, a denial of service against the parsing process.

Reproduction

The vulnerability can be reproduced by building GNU LibreDWG with AddressSanitizer enabled (the fuzzing harness used was AFL++) and then running the 'dwgread' utility on a maliciously crafted DWG file, which triggers the assertion failure in the 'decompress_R2004_section' function.

Remediation

Users are advised to update to the patched version of GNU LibreDWG, which is available on the official GitHub repository.

Added: May 26, 2026, 6:18 PM
Updated: May 26, 2026, 6:18 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 0.6
exploitability: 4.6
remediation: 7.7
relevance: 9.4
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.