NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2024-48426

Summary	A segmentation fault (SEGV) was detected in the SortByPTypeProcess::Execute function in the Assimp library during fuzz testing with AddressSanitizer. The crash occurred due to a read access to an invalid memory address (0x1000c9714971).
Publication Date	Oct. 25, 2024, 6:15 a.m.
Registration Date	Oct. 25, 2024, noon
Last Update	Oct. 30, 2024, 5:35 a.m.

Related information, measures and tools

Common Vulnerabilities List

JVN Vulnerability Information

assimp における古典的バッファオーバーフローの脆弱性

Title	assimp における古典的バッファオーバーフローの脆弱性
Summary	assimp には、古典的バッファオーバーフローの脆弱性が存在します。
Possible impacts	サービス運用妨害 (DoS) 状態にされる可能性があります。
Solution	参考情報を参照して適切な対策を実施してください。
Publication Date	Oct. 24, 2024, midnight
Registration Date	May 30, 2025, 1:28 p.m.
Last Update	May 30, 2025, 1:28 p.m.

Affected System

assimp

assimp 5.4.3

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2024-48426	https://www.cve.org/CVERecord?id=CVE-2024-48426
National Vulnerability Database (NVD)
2	CVE-2024-48426	https://nvd.nist.gov/vuln/detail/CVE-2024-48426

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-120	https://cwe.mitre.org/data/definitions/120.html

その他

No	Name	URL
関連文書
1	github.com (issues/5789)	https://github.com/assimp/assimp/issues/5789

Change Log

No	Changed Details	Date of change
1	[2025年05月30日] 掲載	May 30, 2025, 1:17 p.m.