Skip to main content

Openfpgaloader EUVDEUVD-2026-19448

| CVE-2026-35176 HIGH
Out-of-bounds Read (CWE-125)
2026-04-06 GitHub_M
7.1
CVSS 3.1 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
7.1 HIGH
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H

Primary rating from GitHub Advisory · only source for this CVE.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
High

Lifecycle Timeline

4
Re-analysis Queued
Apr 28, 2026 - 17:07 vuln.today
cvss_changed
EUVD ID Assigned
Apr 06, 2026 - 19:30 euvd
EUVD-2026-19448
Analysis Generated
Apr 06, 2026 - 19:30 vuln.today
CVE Published
Apr 06, 2026 - 18:59 nvd
HIGH 7.1

DescriptionGitHub Advisory

openFPGALoader is a utility for programming FPGAs. In 1.1.1 and earlier, a heap-buffer-overflow read vulnerability exists in POFParser::parseSection() that allows out-of-bounds heap memory access when parsing a crafted .pof file. No FPGA hardware is required to trigger this vulnerability.

AnalysisAI

Heap buffer overflow in openFPGALoader 1.1.1 and earlier allows local attackers to read sensitive heap memory and cause denial-of-service by supplying a maliciously crafted .pof FPGA bitstream file. The vulnerability triggers during POF file parsing without requiring physical FPGA hardware, enabling information disclosure (high confidentiality impact) and application crashes (high availability impact). EPSS data not available; no public exploit identified at time of analysis, though GitHub security advisory confirms the flaw in open-source FPGA programming utility used by hardware developers and researchers.

Technical ContextAI

openFPGALoader is an open-source utility developed by trabucayre for programming various FPGA devices from manufacturers like Intel/Altera, Xilinx, and Lattice. The vulnerability resides in the POFParser::parseSection() function which handles Programmer Object File (.pof) format used primarily for Altera/Intel FPGAs. The CWE-125 classification identifies this as an out-of-bounds read vulnerability where the parser attempts to access heap memory beyond allocated buffer boundaries when processing section data in malformed .pof files. Because .pof files are external input processed before hardware interaction, attackers can trigger the overflow purely through file parsing logic without needing physical FPGA devices connected to the target system. The local attack vector (AV:L) and user interaction requirement (UI:R) indicate exploitation requires convincing a user to open a weaponized bitstream file with the vulnerable openFPGALoader version.

RemediationAI

Users should upgrade to openFPGALoader version 1.1.2 or later which contains fixes for the heap buffer overflow in POFParser::parseSection(). Download the patched release from the official GitHub repository at https://github.com/trabucayre/openFPGALoader following guidance in the security advisory GHSA-9x7m-m8gv-px2j. Until patching is complete, implement defensive measures including restricting .pof file processing to trusted sources only, validating file integrity through cryptographic signatures where possible, and running openFPGALoader in sandboxed environments to limit potential information disclosure from heap memory reads. Organizations should audit development workflows to identify users with openFPGALoader installed and prioritize updates for systems processing .pof files from external or untrusted origins.

Share

EUVD-2026-19448 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy