libosdp is an implementation of IEC 60839-11-5 OSDP (Open Supervised Device Protocol) and provides a C library with support for C++, Rust and Python3. At ospdcommon.c, on the osdpreplyname function, any reply id between REPLYACK and REPLYXRD is valid, but names array do not declare all of the range. On a case of an undefined reply id within the range, name will be null (name = names[replyid - REPLY_ACK];). Null name will casue a crash on next line: if (name[0] == '\0') as null[0] is invalid. As this logic is not limited to a secure connection, attacker may trigger this vulnerability without any prior knowledge. This issue is fixed in 2.4.0.
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/52xxx/CVE-2024-52296.json",
"cna_assigner": "GitHub_M",
"cwe_ids": [
"CWE-476"
]
}"2026-07-09T08:33:51Z"
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-52296.json"
[
{
"id": "CVE-2024-52296-42013ff3",
"digest": {
"function_hash": "19324216122283965346011263709911722834",
"length": 1256.0
},
"signature_version": "v1",
"signature_type": "Function",
"source": "https://github.com/osdp-dev/libosdp/commit/24409e98a260176765956ec766a04cb35984fab1",
"deprecated": false,
"target": {
"function": "osdp_reply_name",
"file": "src/osdp_common.c"
}
},
{
"id": "CVE-2024-52296-bb0f4995",
"digest": {
"line_hashes": [
"286553202551388732001541327239852901514",
"89303886345137972058415696300314905153",
"253743706143264485288515863695414304367",
"271158803284206351798783790510864310014"
],
"threshold": 0.9
},
"signature_version": "v1",
"signature_type": "Line",
"source": "https://github.com/osdp-dev/libosdp/commit/24409e98a260176765956ec766a04cb35984fab1",
"deprecated": false,
"target": {
"file": "src/osdp_common.c"
}
}
]