Fabre

#1100439 assimp: CVE-2025-2151 #1100439

Package:: src:assimp

Source:: src:assimp

Submitter:: Salvatore Bonaccorso

Date:: 2025-08-29 20:07:07 UTC

Severity:: normal

Tags:

#1100439#5

Date:: 2025-03-13 21:51:12 UTC

From:

To:

Hi,

The following vulnerability was published for assimp.

CVE-2025-2151[0]:
| A vulnerability classified as critical was found in Open Asset
| Import Library Assimp 5.4.3. This vulnerability affects the function
| Assimp::GetNextLine in the library ParsingUtils.h of the component
| File Handler. The manipulation leads to stack-based buffer overflow.
| The attack can be initiated remotely. The exploit has been disclosed
| to the public and may be used.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2025-2151
https://www.cve.org/CVERecord?id=CVE-2025-2151
[1] https://github.com/assimp/assimp/issues/6016
[2] https://github.com/assimp/assimp/issues/6026
[3] https://github.com/assimp/assimp/commit/d2c6e64a1122884570caf4aaa589d810f5351f28

Regards,
Salvatore

#1100439 assimp: CVE-2025-2151 #1100439

Just Reply to ...

Reply to submitter ...

Send control command (Silently)

Set Architecture Tags (Silently)