Severity by source
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
Primary rating from GitHub Advisory · only source for this CVE.
CVSS VectorGitHub Advisory
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
Lifecycle Timeline
4DescriptionGitHub Advisory
openFPGALoader is a utility for programming FPGAs. In 1.1.1 and earlier, a heap-buffer-overflow read vulnerability exists in POFParser::parseSection() that allows out-of-bounds heap memory access when parsing a crafted .pof file. No FPGA hardware is required to trigger this vulnerability.
AnalysisAI
Heap buffer overflow in openFPGALoader 1.1.1 and earlier allows local attackers to read sensitive heap memory and cause denial-of-service by supplying a maliciously crafted .pof FPGA bitstream file. The vulnerability triggers during POF file parsing without requiring physical FPGA hardware, enabling information disclosure (high confidentiality impact) and application crashes (high availability impact). EPSS data not available; no public exploit identified at time of analysis, though GitHub security advisory confirms the flaw in open-source FPGA programming utility used by hardware developers and researchers.
Technical ContextAI
openFPGALoader is an open-source utility developed by trabucayre for programming various FPGA devices from manufacturers like Intel/Altera, Xilinx, and Lattice. The vulnerability resides in the POFParser::parseSection() function which handles Programmer Object File (.pof) format used primarily for Altera/Intel FPGAs. The CWE-125 classification identifies this as an out-of-bounds read vulnerability where the parser attempts to access heap memory beyond allocated buffer boundaries when processing section data in malformed .pof files. Because .pof files are external input processed before hardware interaction, attackers can trigger the overflow purely through file parsing logic without needing physical FPGA devices connected to the target system. The local attack vector (AV:L) and user interaction requirement (UI:R) indicate exploitation requires convincing a user to open a weaponized bitstream file with the vulnerable openFPGALoader version.
RemediationAI
Users should upgrade to openFPGALoader version 1.1.2 or later which contains fixes for the heap buffer overflow in POFParser::parseSection(). Download the patched release from the official GitHub repository at https://github.com/trabucayre/openFPGALoader following guidance in the security advisory GHSA-9x7m-m8gv-px2j. Until patching is complete, implement defensive measures including restricting .pof file processing to trusted sources only, validating file integrity through cryptographic signatures where possible, and running openFPGALoader in sandboxed environments to limit potential information disclosure from heap memory reads. Organizations should audit development workflows to identify users with openFPGALoader installed and prioritize updates for systems processing .pof files from external or untrusted origins.
More in Openfpgaloader
View allSame weakness CWE-125 – Out-of-bounds Read
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-19448