Vulnerabilities > CVE-2024-22373
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH network
high complexity
Summary
An out-of-bounds write vulnerability exists in the JPEG2000Codec::DecodeByStreamsCommon functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. A specially crafted DICOM file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.
References
- https://talosintelligence.com/vulnerability_reports/TALOS-2024-1935
- https://lists.fedoraproject.org/archives/list/[email protected]/message/N5HXUKUJ7SG3TK456SGUWVZ4Z5D7JKOL/
- https://lists.fedoraproject.org/archives/list/[email protected]/message/WJA7QWWZWMY4AQFR35EA7S3CFVUTOQYG/
- https://lists.fedoraproject.org/archives/list/[email protected]/message/BZJ4IG7EXMSMPHTK5ZFASCW6MHSOVZOE/