CVE-2024-46613

Summary

CVE-2024-46613 is a newly disclosed vulnerability affecting WeeChat, an instant messaging client, prior to version 4.4.2. This issue involves an integer overflow, leading to a subsequent buffer overflow, when managing lists with over two billion items. Specifically, the functions string_free_split_shared, string_free_split, string_free_split_command, and string_free_split_tags in core/core-string.c are susceptible to this vulnerability. An attacker could potentially exploit this flaw to execute arbitrary code, resulting in serious security implications. Users are advised to update to the latest version of WeeChat to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.