A maliciously crafted MODEL file, when parsed in libodxdll through Autodesk applications, can cause a double free. This vulnerability, along with other vulnerabilities, can lead to code execution in the current process.
The product calls free() twice on the same memory address.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Autocad | Autodesk | 2022 (including) | 2022.1.5 (excluding) |
Autocad | Autodesk | 2023 (including) | 2023.1.6 (excluding) |
Autocad | Autodesk | 2024 (including) | 2024.1.4 (excluding) |
Autocad | Autodesk | 2025 (including) | 2025.1 (excluding) |