Primary

Context

GNU LibreDWG Null Pointer Dereference Vulnerability in Dwggrep Utility

Vulnerability

A null pointer dereference vulnerability has been identified in GNU LibreDWG versions through 0.14, specifically within the Dwggrep Utility. The issue arises in the match_BLOCK_HEADER function of dwggrep.c, where improper handling of certain input leads to a segmentation fault. This vulnerability requires local exploitation and has been publicly disclosed, with an associated proof-of-concept available.

Impact

Exploitation of this vulnerability causes a segmentation fault, leading to a crash of the LibreDWG application.

Reproduction

The vulnerability can be reproduced by processing a crafted DWG file with the Dwggrep utility. LibreDWG should be built with debugging information and AddressSanitizer enabled, using AFL++ as the fuzzer. After compiling the application, Dwggrep can be run with a regular expression that matches any content, which will trigger the null pointer dereference when the malformed DWG file is processed.

Added: May 26, 2026, 5:38 PM

Updated: May 26, 2026, 5:38 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

4.6

remediation

0.0

relevance

9.6

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

4.6

remediation

0.0

relevance

9.6

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

GNU LibreDWG Null Pointer Dereference Vulnerability in Dwggrep Utility

Vulnerability

Impact

Reproduction

Affected Products

GNU LibreDWG

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating