CVE-2025-61154: n/a
CVE-2025-61154 is a heap buffer overflow vulnerability in LibreDWG versions from v0.13.3.7571 up to v0.13.3.7835. It is triggered by processing a specially crafted DWG file that exploits the decompress_R2004_section function in decode.c, leading to a Denial of Service (DoS) condition. No known exploits are currently reported in the wild.
AI Analysis
Technical Summary
CVE-2025-61154 identifies a heap buffer overflow vulnerability in the LibreDWG library, specifically in versions between v0.13.3.7571 and v0.13.3.7835. LibreDWG is an open-source library used for reading and writing DWG files, a proprietary format widely used in CAD applications. The vulnerability resides in the decompress_R2004_section function within the decode.c source file. When processing a maliciously crafted DWG file, this function can trigger a heap buffer overflow, which results in memory corruption. The primary consequence of this overflow is a Denial of Service (DoS), where the affected application or system crashes or becomes unresponsive. The vulnerability does not currently have a CVSS score assigned, and no public patches or exploits are reported. Exploitation requires the vulnerable software to process a malicious DWG file, which does not require authentication but does require that the file be opened or processed by the application using LibreDWG. This vulnerability primarily impacts the availability of systems, as the heap overflow leads to crashes rather than remote code execution. Given the nature of the vulnerability, attackers could disrupt CAD workflows or automated processing pipelines that rely on LibreDWG, causing operational downtime. The lack of known exploits in the wild suggests limited immediate threat, but the vulnerability should be addressed proactively. The absence of patches means organizations must consider temporary mitigations such as input validation, sandboxing, or disabling DWG file processing until a fix is released.
Potential Impact
The primary impact of CVE-2025-61154 is a Denial of Service condition caused by a heap buffer overflow when processing crafted DWG files. For organizations, this can lead to application crashes, service interruptions, and potential downtime in environments where LibreDWG is used for CAD file handling or automated workflows. This may disrupt engineering, architectural, or manufacturing processes that depend on DWG file interoperability. While the vulnerability does not appear to allow code execution or data leakage, the loss of availability can have significant operational and financial consequences, especially in industries relying on continuous CAD operations. The lack of known exploits reduces immediate risk, but the ease of triggering the overflow by simply opening a malicious file means attackers with access to file inputs could cause disruptions. Organizations that integrate LibreDWG into larger systems or use it in automated pipelines may experience cascading failures. The vulnerability also poses a risk in shared environments where untrusted DWG files might be processed. Overall, the impact is medium severity due to the potential for operational disruption without direct compromise of confidentiality or integrity.
Mitigation Recommendations
Organizations should immediately inventory their use of LibreDWG and identify any systems running vulnerable versions between v0.13.3.7571 and v0.13.3.7835. Until an official patch is released, consider the following mitigations:
1) Restrict or block untrusted DWG files from being processed by vulnerable software, implementing strict file validation and scanning at ingress points.
2) Employ sandboxing or containerization for applications that process DWG files to isolate potential crashes and prevent system-wide impact.
3) Monitor application logs and system stability for signs of crashes or abnormal behavior related to DWG file processing.
4) If feasible, temporarily disable DWG file processing features or switch to alternative libraries or tools not affected by this vulnerability.
5) Engage with the LibreDWG development community to track patch releases and apply updates promptly once available.
6) Educate users and administrators about the risks of opening untrusted DWG files and enforce strict file handling policies.
These targeted mitigations go beyond generic advice by focusing on controlling input sources, isolating vulnerable processes, and proactive monitoring.
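The inventory, isolation and crash-monitoring steps above can be scripted; the following is an added example, not code from LibreDWG or from this advisory. It assumes a POSIX host and a dotted four-part version string, treats both ends of the stated range as inclusive, and uses hypothetical function names; the command passed to `run_isolated` is whatever DWG-processing tool the deployment actually runs.

```python
import re
import resource
import signal
import subprocess

# Affected range as stated in the advisory; treating both ends as inclusive is an assumption.
AFFECTED_LOW, AFFECTED_HIGH = (0, 13, 3, 7571), (0, 13, 3, 7835)


def is_affected(version_text):
    """True/False for a parsable four-part version such as 'v0.13.3.7571', else None."""
    m = re.search(r"v?(\d+)\.(\d+)\.(\d+)\.(\d+)", version_text)
    if m is None:
        return None  # unknown build: review by hand, do not assume it is safe
    return AFFECTED_LOW <= tuple(int(g) for g in m.groups()) <= AFFECTED_HIGH


def _cap(res, value):
    """Lower one rlimit in the child, never asking for more than the hard limit."""
    hard = resource.getrlimit(res)[1]
    if hard != resource.RLIM_INFINITY:
        value = min(value, hard)
    resource.setrlimit(res, (value, value))


def run_isolated(argv, timeout=30, mem_bytes=1 << 30, cpu_seconds=20):
    """Run a DWG-processing command in its own process and classify how it ended."""
    def limits():  # executed in the child just before exec
        _cap(resource.RLIMIT_AS, mem_bytes)
        _cap(resource.RLIMIT_CPU, cpu_seconds)
        _cap(resource.RLIMIT_CORE, 0)
    try:
        proc = subprocess.run(argv, stdin=subprocess.DEVNULL, capture_output=True,
                              timeout=timeout, preexec_fn=limits)
    except subprocess.TimeoutExpired:
        return ("timeout", None)
    if proc.returncode < 0:  # killed by a signal, e.g. SIGSEGV or SIGABRT
        return ("crashed", signal.Signals(-proc.returncode).name)
    return ("ok" if proc.returncode == 0 else "rejected", proc.returncode)


if __name__ == "__main__":
    import sys
    if len(sys.argv) < 2:
        sys.exit("usage: python3 dwg_isolate.py <command> [args...]")
    # The command is site-specific; quarantine the input file on "crashed" or "timeout".
    print(run_isolated(sys.argv[1:]))
```

A "crashed" or "timeout" result is the signal to quarantine the input file and log the event, so the failure stays inside the child process instead of taking down the pipeline that called it.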
Affected Countries
United States, Germany, Japan, South Korea, France, United Kingdom, Canada, Australia, China, India, Brazil, Russia, Italy
Technical Details
- Data Version: 5.2
- Assigner Short Name: mitre
- Date Reserved: 2025-09-26T00:00:00.000Z
- Cvss Version: null
- State: PUBLISHED
Threat ID: 69b3294c2f860ef943f62dfa
Added to database: 3/12/2026, 8:59:56 PM
Last enriched: 3/12/2026, 9:15:16 PM
Last updated: 3/12/2026, 10:23:56 PM