CVE-2024-24793

CVSS 3.1 Score 8.1 of 10 (high)

Details

Published Feb 20, 2024
CWE ID 416

Summary

CVE-2024-24793 is a use-after-free vulnerability affecting Imaging Data Commons libdicom 1.0.5. Maliciously crafted DICOM files can induce the vulnerable application to prematurely free memory, which is later used. The issue arises during the parsing of elements in the File Meta Information header, specifically in the `parse_meta_element_create()` function. An attacker exploiting this vulnerability could potentially execute arbitrary code or cause a denial-of-service condition.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share