CVE-2020-35630: 
Linux Debian vulnerability analysis and mitigation

Multiple code execution vulnerabilities exist in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion in the SNCioparser.h file, which could lead to code execution. The vulnerability specifically affects the readsface() function where an out-of-bounds read occurs in sfh->centervertex() (Talos Intelligence).

The vulnerability exists in the NefS2/SNCioparser.h file within the SNCioparser::readsface() function. When parsing Nef polygon data, the code reads indices from input files and uses them as vector indices without proper bounds checking. This leads to out-of-bounds memory access when accessing sfh->centervertex(), potentially resulting in type confusion and code execution ([Talos Intelligence](https://talosintelligence.com/vulnerabilityreports/TALOS-2020-1225)).

The vulnerability allows attackers to potentially execute arbitrary code by providing maliciously crafted input files. The out-of-bounds read and resulting type confusion can lead to memory corruption and potential code execution in the context of the application processing the Nef polygon data (Debian Security).

The vulnerability has been addressed in subsequent versions of CGAL. Users are recommended to upgrade to a patched version. For Debian 10 (buster), the fix is available in version 4.13-1+deb10u1. For Gentoo users, upgrading to version 5.4.1 or later is recommended (Gentoo Security, Debian LTS).