CVE-2024-22181

2024-05-2814:02:39

CWE-129

talos

github.com

cve-2024-22181

readnode functionality

libigl v2.5.0

out-of-bounds write

.node file

attacker

malicious file

security vulnerability

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

6.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

21.7%

JSON

An out-of-bounds write vulnerability exists in the readNODE functionality of libigl v2.5.0. A specially crafted .node file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability.

CNA Affected

[
  {
    "vendor": "libigl",
    "product": "libigl",
    "versions": [
      {
        "status": "affected",
        "version": "v2.5.0"
      }
    ]
  }
]