The vulnerability of the readOFF function in the libigl library for working with geometric objects in the C++ programming language allows a hacker to execute arbitrary code.

🗓️ 24 Oct 2024 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 3 Views

The libigl readOFF vulnerability overreads memory, enabling arbitrary code execution via a crafted file.

Reporter	Title	Published	Views	Family All 14
Circl	CVE-2024-24686	15 Oct 202423:25	–	circl
CNNVD	libigl 安全漏洞	28 May 202400:00	–	cnnvd
CVE	CVE-2024-24686	28 May 202414:02	–	cve
Cvelist	CVE-2024-24686	28 May 202414:02	–	cvelist
Debian CVE	CVE-2024-24686	28 May 202414:02	–	debiancve
EUVD	EUVD-2024-22085	3 Oct 202520:07	–	euvd
NVD	CVE-2024-24686	28 May 202414:15	–	nvd
OSV	UBUNTU-CVE-2024-24686	28 May 202414:15	–	osv
SUSE CVE	SUSE CVE-2024-24686	31 May 202403:26	–	susecve
Talos	libigl readOFF stack-based buffer overflow vulnerability	28 May 202400:00	–	talos

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2024-24686
vulners	www.vulners.com/nvd/NVD:CVE-2024-24686
talosintelligence	www.talosintelligence.com/vulnerability_reports/TALOS-2024-1929
github	www.github.com/SpiralBL0CK/CVE-2024-24686
security-database	www.security-database.com/detail.php
web	www.web.nvd.nist.gov/view/vuln/detail
talosintelligence	www.talosintelligence.com/reports/TALOS-2024-1929

24 Oct 2024 00:00Current

6.2Medium risk

Vulners AI Score6.2

CVSS 27.2

CVSS 37.8

EPSS0.08999

libigl readOFF buffer overread arbitrary code execution crafted file memory safety