CVE-2024-25569

An out-of-bounds read vulnerability exists in the RAWCodec::DecodeBytes functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. A specially crafted DICOM file can lead to an out-of-bounds read. An attacker can provide a malicious file to trigger this vulnerability.

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 2.5

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZJ4IG7EXMSMPHTK5ZFASCW6MHSOVZOE/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N5HXUKUJ7SG3TK456SGUWVZ4Z5D7JKOL/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WJA7QWWZWMY4AQFR35EA7S3CFVUTOQYG/
https://talosintelligence.com/vulnerability_reports/TALOS-2024-1944

Configurations

No configuration.

History

No history.

Information

Published : 2024-04-25 15:16

Updated : 2024-05-05 03:15

NVD link : CVE-2024-25569

Mitre link : CVE-2024-25569

CVE.ORG link : CVE-2024-25569

JSON object : View

Products Affected

No product.

CWE

CWE-125

Out-of-bounds Read

6.5 /10