Bug 2372998 (CVE-2025-6120)

Summary: CVE-2025-6120 assimp: Open Asset Import Library heap-based overflow
Product: [Other] Security Response Reporter: OSIDB Bzimport <bzimport>
Component: vulnerabilityAssignee: Product Security DevOps Team <prodsec-dev>
Status: NEW --- QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedKeywords: Security
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: ---
Doc Text:
A vulnerability has been discovered in the Open Asset Import Library (Assimp), specifically within the read_meshes functionality of the assimp/code/AssetLib/MDL/HalfLife/HL1MDLLoader.cpp file (related to Half-Life 1 MDL file loading). This flaw can lead to a heap-based buffer overflow. Under specific conditions, exploitation of this buffer overflow could result in unpredictable program behavior, memory corruption, or arbitrary code execution.
 Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2373022, 2373024, 2373026, 2373028    
Bug Blocks:    

Description OSIDB Bzimport 2025-06-16 12:01:23 UTC 
A vulnerability classified as critical was found in Open Asset Import Library Assimp up to 5.4.3. Affected by this vulnerability is the function read_meshes in the library assimp/code/AssetLib/MDL/HalfLife/HL1MDLLoader.cpp. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The project decided to collect all Fuzzer bugs in a main-issue to address them in the future.