CVE-2024-24259

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Feb 5, 2024
Updated: Feb 21, 2024
CWE ID 401

Summary

CVE-2024-24259 is a newly disclosed vulnerability affecting freeglut versions up to 3.4.0. The issue resides in the glutAddMenuEntry function, where a memory leak occurs due to the improper handling of the menuEntry variable. This can lead to a denial of service (DoS) scenario as the software consumes increasing amounts of memory over time. Attackers could potentially exploit this vulnerability by crafting specially crafted inputs to trigger the memory leak, causing the application to become unresponsive or crash. Users are advised to update to the latest version of freeglut to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share