Vulnerabilities > CVE-2024-24794

CVSS 8.1 - HIGH

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

high complexity

CWE-416

NVD

Published: 2024-02-20

Updated: 2024-02-20

Summary

A use-after-free vulnerability exists in the DICOM Element Parsing as implemented in Imaging Data Commons libdicom 1.0.5. A specially crafted DICOM file can cause premature freeing of memory that is used later. To trigger this vulnerability, an attacker would need to induce the vulnerable application to process a malicious DICOM image.The Use-After-Free happens in the `parse_meta_sequence_end()` parsing the Sequence Value Represenations.

Common Weakness Enumeration (CWE)

CWE-416 - Use After Free

References

https://talosintelligence.com/vulnerability_reports/TALOS-2024-1931

Vulnerabilities > CVE-2024-24794 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2024-24794"}]}

Summary

Common Weakness Enumeration (CWE)

References

Vulnerabilities > CVE-2024-24794