CVE-2024-25569
Severity:
MEDIUM
Type:
CWE-125
Out-of-bounds Read
Publication date:
25/04/2024
Last modified:
05/05/2024
Description
An out-of-bounds read vulnerability exists in the RAWCodec::DecodeBytes functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. A specially crafted DICOM file can lead to an out-of-bounds read. An attacker can provide a malicious file to trigger this vulnerability.
Impact
Base Score 3.x
6.50
Severity 3.x
MEDIUM
References to Advisories, Solutions, and Tools
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZJ4IG7EXMSMPHTK5ZFASCW6MHSOVZOE/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N5HXUKUJ7SG3TK456SGUWVZ4Z5D7JKOL/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WJA7QWWZWMY4AQFR35EA7S3CFVUTOQYG/
- https://talosintelligence.com/vulnerability_reports/TALOS-2024-1944