CVE-2024-22181

Published: May 28, 2024Modified: Feb 12, 2025

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: CNA (Secondary)

Description

An out-of-bounds write vulnerability exists in the readNODE functionality of libigl v2.5.0. A specially crafted .node file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability.

Affected (1)

Products: Libigl: Libigl

Libigl

1 product

Libigl

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Libigl Libigl	Version 2.5.0

Related CWEs

CWE-129

Improper Validation of Array Index

The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.

CWE-787

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (4)

https://talosintelligence.com/vulnerability_reports/TALOS-2024-1930

Source: talos-cna@cisco.com

ExploitThird Party Advisory

https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1930

Source: talos-cna@cisco.com

ExploitThird Party Advisory

https://talosintelligence.com/vulnerability_reports/TALOS-2024-1930

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1930

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.