CVE-2020-13531: Use After Free
A use-after-free vulnerability exists in a way Pixar OpenUSD 20.08 processes reference paths textual USD files. A specially crafted file can trigger the reuse of a freed memory which can result in further memory corruption and arbitrary code execution. To trigger this vulnerability, the victim needs to open an attacker-provided malformed file.
Affected Software
Event History
Frequently Asked Questions
What is CVE-2020-13531?
CVE-2020-13531 is a use-after-free vulnerability in Pixar OpenUSD 20.08 that can lead to memory corruption and arbitrary code execution.
How does CVE-2020-13531 affect Pixar OpenUSD?
CVE-2020-13531 affects Pixar OpenUSD 20.08 and can be triggered by a specially crafted file.
What is the severity level of CVE-2020-13531?
The severity level of CVE-2020-13531 is high with a CVSS score of 8.8.
How can CVE-2020-13531 be exploited?
CVE-2020-13531 can be exploited by using a specially crafted file to trigger the reuse of freed memory.
Is there a fix for CVE-2020-13531?
At the moment, there is no official fix available for CVE-2020-13531. It is recommended to update to a patched version or apply any available mitigations.