CNNVD-202508-908 Information

CNNVD ID

CNNVD-202508-908

Related CVE

CVE-2025-8854

• CNNVD Published: 2025-08-11

Description (Chinese)

Bullet Physics SDK是Bullet Physics SDK开源的一个用于VR、游戏、视觉效果、机器人、机器学习等的实时碰撞检测和多物理模拟开发工具包。 Bullet Physics SDK 3.26之前版本存在安全漏洞，该漏洞源于处理特制OFF文件时存在栈缓冲区溢出，可能导致执行任意代码。

Description (English)

Bullet Physics SDK is a real-time impact detection and polyphysical simulation development toolkit for VRs, games, visual effects, robotics, machine learning, etc. There was a security loophole in the previous version of the Bullet Physics SDK 3.26, which resulted from the spilling of the barrage in the processing of specially created OFF documents, which could lead to the implementation of any code.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Bullet Physics SDK

Published

2025-08-11

Last Modified

2026-02-24

References

https://github.com/bulletphysics/bullet3/issues/4732 https://github.com/bulletphysics/bullet3/blob/master/Extras/VHACD/test/src/main_vhacd.cpp#L472 https://access.redhat.com/security/cve/cve-2025-8854