CVE-2020-28635: 
Linux Debian vulnerability analysis and mitigation

Multiple code execution vulnerabilities exist in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. The vulnerability, identified as CVE-2020-28635, was discovered in 2020 and affects the CGAL library's polygon parsing capabilities. A specially crafted malformed file can lead to an out-of-bounds read and type confusion in the NefS2/SNCioparser.h SNCioparser::readsedge() seh->facet() function, which could potentially lead to code execution (Talos).

The vulnerability specifically occurs in the Nef polygon-parsing code within the CGAL library. The issue manifests as an out-of-bounds read vulnerability in the NefS2/SNCioparser.h file, specifically in the SNCioparser::readsedge() seh->facet() function. The vulnerability has been assigned a CVSS v3.1 base score of 8.8 HIGH (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) by NIST NVD, while Talos assigned it a CVSS v3.0 score of 10.0 CRITICAL (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H). The vulnerability is classified under CWE-129 (Improper Validation of Array Index) and CWE-125 (Out-of-bounds Read) (NVD).

The vulnerability can lead to code execution through out-of-bounds read and type confusion when processing specially crafted malformed files. This could potentially allow an attacker to execute arbitrary code by providing malicious input (Talos).

The vulnerability has been addressed in newer versions of CGAL. Users are recommended to upgrade to a patched version. For Debian 10 (buster), the fix was implemented in version 4.13-1+deb10u1. Gentoo users should upgrade to version 5.4.1 or later (Debian LTS, Gentoo).