Multiple stack-based buffer overflow vulnerabilities exist in the readOFF functionality of libigl v2.5.0. A specially crafted .off file can lead to stack-based buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability concerns the parsing of comments within the vertex section of an .off file processed via the readOFF function.
{
"unresolved_ranges": [
{
"extracted_events": [
{
"introduced": "v2.5.0"
},
{
"last_affected": "v2.5.0"
}
],
"source": "AFFECTED_FIELD"
}
],
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/24xxx/CVE-2024-24685.json",
"cna_assigner": "talos",
"cwe_ids": [
"CWE-121"
]
}