THREATINT

We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Zendesk (Helpdesk and Chat)

Ok

PUBLISHED

CVE-2024-24685

Reserved:2024-01-26
Published:2024-05-28
Updated:2024-06-07

Description

Multiple stack-based buffer overflow vulnerabilities exist in the readOFF functionality of libigl v2.5.0. A specially crafted .off file can lead to stack-based buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability concerns the parsing of comments within the vertex section of an `.off` file processed via the `readOFF` function.



HIGH: 7.8CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Problem types

CWE-121: Stack-based Buffer Overflow

Product status

v2.5.0
affected

Credits

Discovered by Philippe Laulheret of Cisco Talos.

References

https://talosintelligence.com/vulnerability_reports/TALOS-2024-1929

cve.org CVE-2024-24685

nvd.nist.gov CVE-2024-24685

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-24685