We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-24685



Description

Multiple stack-based buffer overflow vulnerabilities exist in the readOFF functionality of libigl v2.5.0. A specially crafted .off file can lead to stack-based buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability concerns the parsing of comments within the vertex section of an `.off` file processed via the `readOFF` function.

Reserved 2024-01-26 | Published 2024-05-28 | Updated 2024-08-01 | Assigner talos


HIGH: 7.8CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Problem types

CWE-121: Stack-based Buffer Overflow

Product status

v2.5.0
affected

Credits

Discovered by Philippe Laulheret of Cisco Talos.

References

talosintelligence.com/vulnerability_reports/TALOS-2024-1929

www.talosintelligence.com/...ability_reports/TALOS-2024-1929

cve.org (CVE-2024-24685)

nvd.nist.gov (CVE-2024-24685)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-24685

Support options

Helpdesk Chat, Email, Knowledgebase
Subscribe to our newsletter to learn more about our work.