← Back

CVE-2024-48425

nvd nist
Published: Oct 24, 2024Modified: Jun 10, 2025

JSON object

Loading...
5.5
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Exploitability: 1.8 / Impact: 3.6
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

A segmentation fault (SEGV) was detected in the Assimp::SplitLargeMeshesProcess_Triangle::UpdateNode function within the Assimp library during fuzz testing using AddressSanitizer. The crash occurs due to a read access violation at address 0x000000000460, which points to the zero page, indicating a null or invalid pointer dereference.

Affected (1)

Products: Assimp: Assimp
Assimp
1 product
Assimp
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Assimp
Version 5.4.3

Related CWEs

CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

References (1)

Source: cve@mitre.org
ExploitIssue TrackingVendor Advisory

Timeline

No history available yet.